Bugtraq mailing list archives
Re: Sourceforge compromized?
From: Tim <tim-security () sentinelchicken org>
Date: Fri, 2 Feb 2007 12:30:45 -0500
Could someone from sourceforge.net comment? What else is compromised on the server? Can just anyone post anything to any directory or are there specific directories that can be hacked? Is it just yapig.sourceforge.net?
If you look here: http://yapig.sourceforge.net/ You'll see the following list of vulns recently fixed in this image gallery project:

...
* Vulnerability: Cross site scripting on add comment form (#1230491)
* Vulnerability: Save plain text login information in cookies (#1230491)
* Vulnerability: Arbitrary directory removal on upload.php (#1230491)
* Vulnerability: Extension checks on upload.php (#1230491)
* Vulnerability: Arbitrary file Inclusion global.php and last_gallery.php (#1230491)
* Vulnerability: Cross-site Scripting (#1230491)
* Vulnerability: Information disclosure in phid argument of view.php and slideshow.php (#1230491)
...

Yeah, so their demo site is compromised through one of these, or another yet to be published. Have you tried to let the project owner know?
In either case, I should suggest everyone be careful about what you download from sourceforge till they do a full code audit and post the results here.
I would hope that sourceforge has decent cross-project segmentation by now...

tim

PS- next time you start a new thread on lists, could you avoid responding to messages on completely different threads? I realize that some mail clients still don't support the interpretation of threading headers, but many of ours do.