[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Sourceforge compromized?

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Re: Sourceforge compromized?
From: Karl Schlitt <karl@xxxxxxxxxxxxx>
Date: Fri, 2 Feb 2007 12:46:02 -0600 (CST)

On Fri, 2 Feb 2007, Tim wrote:

> > Could someone from sourceforge.net comment? What else is compromised on
> > the server?
> >
> > Can just anyone post anything to any directory or are there specific
> > directories that can be hacked?
> >
> > Is it just yapig.sourceforge.net?
>
>
> If you look here:
>
>   http://yapig.sourceforge.net/
>
>
> You'll see the following list of vulns recently fixed in this image
> gallery project:
>

Just looking at the source for the defaced page one can see
that other projects are involved.

        http://owl.sourceforge.net/uploads/owl-13.php

-- 
Karl Schlitt
karl@xxxxxxxxxxxxx

References:
- strange behavior on Cisco 2801
  - From: Marcin
- Re: strange behavior on Cisco 2801
  - From: Neil Anderson
- Sourceforge compromized?
  - From: Michael Scheidell
- Re: Sourceforge compromized?
  - From: Tim

Prev by Date: Re: strange behavior on Cisco 2801
Next by Date: Re: Ipswitch WS_FTP Server 5.04 multiple arbitrary code execution vulnerabilities
Previous by thread: Re: Sourceforge compromized?
Next by thread: Re: strange behavior on Cisco 2801
Index(es):
- Date
- Thread