OWASP JoomScan is a perl-based open-source vulnerability scanner used to detect Joomla CMS misconfigurations and security vulnerabilities. The scanner is capable of analyzing a Joomla installation for common misconfigurations and vulnerabilities.
- The attacker runs JoomScan against the target host, enumerating installed themes, plugins, users, and service misconfigurations.
- Joomla installation responds per enumeration attack with either success or failure.
The attacker must be able to send crafted packets to the target system.
Alert Logic Coverage
Alert Logic® has evaluated its customer base for exposure to the exploit and has developed signatures for mitigating the threat depending on the security service in place.
The Network-Based Intrusion Detection System (IDS) has been updated with the new signatures for this exploit when detected via Alert Logic Threat Manager™. If this signature is detected, an incident is generated in the Alert Logic console.
Recommendations for Mitigation
Ensure that all plugins and software on the host are using up-to-date security patches.