Mailinglist Archive: opensuse (1420 mails)

[opensuse] Re: forums.opensuse.org down?
  • From: Jim Henderson <hendersj@xxxxxxxxx>
  • Date: Wed, 8 Jan 2014 00:04:00 +0000 (UTC)
  • Message-id: <lai4lb$t30$1@ger.gmane.org>
On Tue, 07 Jan 2014 15:26:52 -0800, John Andersen wrote:

> There is a security breach.
>
> [0] https://news.opensuse.org/2014/01/07/opensuse-forums-defaced/
> [1] http://thehackernews.com/2014/01/openSUSE-Forum-Hacked-by-Pakistani-hacker.html#
>
> From the 2nd link:
> The Pakistani Hacker confirmed that he has uploaded a PHP shell on the
> forum server using his own Private vBulletin's zero-day exploit, that
> allows him to browse, read or write/overwrite any file on the Forum
> server without root privileges.
>
> How embarrassing.
> I hate forums.

There's a lot of inaccuracy in the thehackernews.com article. Passwords
*were not* compromised (nor were hashes) because we don't use the
standard vBulletin authentication mechanism. It seems e-mail addresses
were. The SEO plugin is where the exploit was, and as that's not
maintained any more, it's been removed.

The tech team is still working on adding additional hardening to the
server.

For those who use NNTP, that interface is unaffected and still running.

Don't hate forums. Hate the hackers who think this is a fun thing to do,
especially to an open source project.

Jim
--
Jim Henderson
Please keep on-topic replies on the list so everyone benefits
