Information Security News mailing list archives

Previous By Date Next
Previous By Thread Next

[defaced-commentary] Tripwire.com Forums defaced

From: InfoSec News <isn () c4i org>
Date: Mon, 13 Aug 2001 03:26:08 -0500 (CDT)
---------- Forwarded message ----------
Date: Sun, 12 Aug 2001 17:55:27 -0600 (MDT)
From: security curmudgeon <jericho () attrition org>
To: defaced-commentary () attrition org
Subject: [defaced-commentary] Tripwire.com Forums defaced


On August 12, 2001, a defacer known as 'Evil Angelica' compromised and
defaced a machine on the tripwire.com network. Tripwire is well known
for their Tripwire security product line.

According to the Forums page, Tripwire is running phpBB Version 1.4.0.
Given the recent posting of vulnerability information to Bugtraq (Aug
10) and Vulnwatch (Aug 3), it is very likely the defacement occured
because of the vulnerabilities outlined in these posts.

About Tripwire:
Tripwire solutions are among the most widely deployed and trusted data
and network integrity solutions in the world.  Tripwire software runs
on all leading platforms, including Windows NT, Windows 2000, UNIX,
and Linux enabling you to monitor the most diverse multivendor
environments.

Previous commentary on Evil Angelica:
http://www.attrition.org/security/commentary/angelica.html

Mirror of defacement:
http://defaced.alldas.de/mirror/2001/08/12/forums.tripwire.com/


-
The information and commentary is Copyright 2001, by the individual author.
Permission is granted to quote, reprint or redistribute provided the text is not
altered, and the author and attrition.org is credited. The opinions expressed
in this mail are not necessarily the opinion of all Attrition staff members.

Commentary Archive: http://www.attrition.org/security/commentary/
The Attrition Mirror: http://www.attrition.org/mirror/attrition/
Country/TLD Statistics: http://www.attrition.org/mirror/attrition/country.html
Attrition Defacement Statistics: http://www.attrition.org/mirror/attrition/stats.html
Operating System Graphs: http://www.attrition.org/mirror/attrition/os-graphs.html

Other Web Defacement Mailing Lists: http://www.attrition.org/security/lists.html
Contacting Attrition Staff: staff () attrition org

To subscribe to Defaced Commentary, send mail to majordomo () attrition org
with "subscribe defaced-commentary" in the BODY of the mail (without
quotes). To unsubscribe, include "unsubscribe defaced-commentary" in
the BODY of the mail.

-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn' in the BODY
of the mail.
Previous By Date Next
Previous By Thread Next

Current thread: