funsec mailing list archives
GNU Web Server/SQL Injection
From: Jeffrey Walton <noloader () gmail com>
Date: Wed, 1 Dec 2010 07:42:32 -0500
Noy sure if this made anyone's radar. Savannah is an important server for GNU. It hosts a number of GNU projects. http://savannah.gnu.org/forum/forum.php?forum_id=5970: There's been a SQL injection leading to a leak of encrypted account passwords, some of them discovered by brute-force attack, leading in turn to project membership access, and vandalism on the 'www' project that backs www.gnu.org. _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- GNU Web Server/SQL Injection Jeffrey Walton (Dec 01)