Information Security News mailing list archives

Crackers target open source software websites


From: InfoSec News <isn () c4i org>
Date: Thu, 31 May 2001 02:11:52 -0500 (CDT)

http://it.mycareer.com.au/breaking/2001/05/31/FFXQ0QREDNC.html

Thursday 31 May, 2001
By BARRY PARK 
FAIRFAX IT

Open source software portal Sourceforge has published details of the
server compromise that forced the group to reset all its users'
passwords.

The postmortem follows news today that another open source portal,
themes.org, had also been compromised by crackers.

Late today the themes.org website was defaced by crackers, then
replaced with a message saying the site was experiencing "fairly major
technical difficulties".

The website has since been stripped from the server and replaced with
a "page not found" error message.

Open source news portal Slashdot was also reporting today that the
website for the Apache Web server software had been compromised.

Sourceforge said today that crackers broke into its servers after a
Sourceforge staff member's password was captured on a compromised host
at a third-party Internet service provider that the staff member had
logged in through.

Sourceforge said, without revealing the exact details, that the attack
affected one of its project shell servers.

"It has been determined that this security compromise (of one
SourceForge.net project shell server) was not caused by fault in the
shell server itself; no exploits were used to penetrate the security
on this host," the group said in a statement posted on its website
today.

"Rather, security was compromised as a result of a related breach on a
host of an upstream ISP for one SourceForge.net staff member. In this
case, the user had logged in to the compromised ISP's host, then to
the SourceForge.net project shell server; as a result of the compromised
nature of the ISP's host, it was possible for the intruder to capture
the password the SourceForge.net staff member used in accessing that
shell server.

"The SourceForge.net team has since established more rigorous
guidelines for host connectivity, so as to reduce the risk involved
with this type of security compromise," it said.

ISN is hosted by SecurityFocus.com