Re: Sourceforge compromized?

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Re: Sourceforge compromized?
From: Karl Schlitt <karl@xxxxxxxxxxxxx>
Date: Fri, 2 Feb 2007 12:46:02 -0600 (CST)
Cc: security@xxxxxxxxxxxxxxx
In-reply-to: <20070202173045.GC2766@xxxxxxxxxxxxxxxxxxx>
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm
References: <20070201185441.8765.qmail@xxxxxxxxxxxxxxxxxxxxxxx> <200702012244.14250.cleidh_mor@xxxxxxxxxxxxxxx> <B3BCAF4246A8A84983A80DAB50FE7242862C1D@xxxxxxxxxxxxxxxxxx> <20070202173045.GC2766@xxxxxxxxxxxxxxxxxxx>

On Fri, 2 Feb 2007, Tim wrote:

> > Could someone from sourceforge.net comment? What else is compromised on
> > the server?
> >
> > Can just anyone post anything to any directory or are there specific
> > directories that can be hacked?
> >
> > Is it just yapig.sourceforge.net?
>
>
> If you look here:
>
>   http://yapig.sourceforge.net/
>
>
> You'll see the following list of vulns recently fixed in this image
> gallery project:
>

Just looking at the source for the defaced page one can see
that other projects are involved.

        http://owl.sourceforge.net/uploads/owl-13.php

-- 
Karl Schlitt
karl@xxxxxxxxxxxxx

References:
- strange behavior on Cisco 2801
  - From: Marcin
- Re: strange behavior on Cisco 2801
  - From: Neil Anderson
- Sourceforge compromized?
  - From: Michael Scheidell
- Re: Sourceforge compromized?
  - From: Tim

Prev by Date: Re: strange behavior on Cisco 2801
Next by Date: Re: Ipswitch WS_FTP Server 5.04 multiple arbitrary code execution vulnerabilities
Previous by thread: Re: Sourceforge compromized?
Next by thread: Re: strange behavior on Cisco 2801
Index(es):
- Date
- Thread