On Fri, Mar 18, 2011 at 9:02 PM, zarul shahrin <[email protected]>wrote:
> Visual "proof" of PHP.NET server(s) breach: > http://www.wooyun.org/bugs/wooyun-2010-01635 > PHP.net's own confirmation ( http://www.php.net/archive/2011.php#id2011-03-19-2 ) : > > *[19-Mar-2011]* The wiki.php.net box was compromised and the attackers > were able to collect wiki account credentials. No other machines in the > php.net infrastructure appear to have been affected. Our biggest concern > is, of course, the integrity of our source code. We did an extensive code > audit and looked at every commit since 5.3.5 to make sure that no stolen > accounts were used to inject anything malicious. Nothing was found. The > compromised machine has been wiped and we are forcing a password change for > all svn accounts. > > We are still investigating the details of the attack which combined a > vulnerability in the Wiki software with a Linux root exploit. > > On Fri, Mar 18, 2011 at 8:31 PM, zarul shahrin <[email protected]>wrote: >> >> Hai Guys, >> just a head up, yet another open source project has been compromised and >> probably backdoored, this time is PHP.net. I am still waiting for more info >> on this. >> Best Regards, >> Zarul Shahrin >> > -- To unsubscribe from and detail about this group http://portal.mosc.my/osdc-my-mailing-list-information MOSC2011 http://fb.me/mosc2011 and http://portal.mosc.my/
