Security Notice: Attempted Break-In on www.centos.org
Posted by Philipp Esselbach on: 07/04/2009 03:31 AM
A security notice from the CentOS project:
Dear Users,
on Friday evening, July 3rd (UTC) we found a few suspicious files on the CentOS webserver. Upon investigating we found out that the files had been put there through Xoops (the CMS www.centos.org runs on) - and that this was possible due to an administrative error which has been corrected.
As far as we can see there has been no data or binary injected into the system or taken from the system. The machine hasn't been used as a source for sending spam (in the widest possible meaning) either.
We have been able to identify the source of the attacks, but have not been able to find out if the files have been put there through a compromised user account in the Xoops system.
Although we are fairly sure that there has been no such compromise, we have enforced a password expiry on all accounts on the system.
wiki.centos.org and bugs.centos.org - though being on the same machine - have not been affected by this.
All users having an account on www.centos.org need to acquire a new password through the "lost password" system of Xoops.
We are terribly sorry for any inconvenience this might cause you and would like to apologize for that.
On behalf of the CentOS team,
Ralph Angenendt
