Bugtraq: Re: Sourceforge compromized?

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq mailing list archives

Re: Sourceforge compromized?

From: Karl Schlitt <karl () dakota-st com>
Date: Fri, 2 Feb 2007 12:46:02 -0600 (CST)

On Fri, 2 Feb 2007, Tim wrote:

Could someone from sourceforge.net comment? What else is compromised on
the server?

Can just anyone post anything to any directory or are there specific
directories that can be hacked?

Is it just yapig.sourceforge.net?



If you look here:

  http://yapig.sourceforge.net/


You'll see the following list of vulns recently fixed in this image
gallery project:


Just looking at the source for the defaced page one can see
that other projects are involved.

        http://owl.sourceforge.net/uploads/owl-13.php

-- 
Karl Schlitt
karl () dakota-st com

By Date By Thread

Current thread:

Re: strange behavior on Cisco 2801, (continued)
- Re: strange behavior on Cisco 2801 Neil Anderson (Feb 01)
  - Sourceforge compromized? Michael Scheidell (Feb 02)
    - Re: Sourceforge compromized? Eliah Kagan (Feb 02)
    - Re: Sourceforge compromized? Serguei A. Mokhov (Feb 02)
    - Re: Sourceforge compromized? Tim (Feb 02)
    - Re: Sourceforge compromized? Karl Schlitt (Feb 02)
- Re: strange behavior on Cisco 2801 Eloy Paris (Feb 02)