funsec mailing list archives

Previous By Date Next
Previous By Thread Next

GNU Web Server/SQL Injection

From: Jeffrey Walton <noloader () gmail com>
Date: Wed, 1 Dec 2010 07:42:32 -0500
Noy sure if this made anyone's radar. Savannah is an important server
for GNU. It hosts a number of GNU projects.

http://savannah.gnu.org/forum/forum.php?forum_id=5970:
    There's been a SQL injection leading to a leak of encrypted account
    passwords, some of them discovered by brute-force attack, leading
    in turn to project membership access, and vandalism on the 'www'
    project that backs www.gnu.org.
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
Previous By Date Next
Previous By Thread Next

Current thread: