[ISN] Crackers target open source software websites
From: InfoSec News (isnc4i.org)
Date: Thu May 31 2001 - 02:11:52 CDT
Thursday 31 May, 2001
By BARRY PARK
Open source software portal Sourceforge has published details of the
server compromise that forced the group to reset all its users'
The postmortem follows news today that another open source portal,
themes.org, had also been struck down by crackers.
Late today the group's website was defaced by crackers before being
replaced with a message the website was experiencing "fairly major
The website has since been stripped from the server and replaced with
a "page not found" error message.
Open source news portal Slashdot was also reporting today that the
website for the Apache Web server software had been compromised.
Sourceforge said today that crackers broke into its servers after a
Sourceforge worker's password was sniffed from a cracked third-party
Internet service provider.
Sourceforge said without revealing the exact details that the attack
affected one of its project shell servers.
"It has been determined that this security compromise (of one
SourceForge.net project shell server) was not caused by fault in the
shell server itself; no exploits were used to penetrate the security
on this host," the group said in a statement posted on its website
"Rather, security was compromised as result of a related breach on a
host of an upstream ISP for one SourceForge.net staff member. In this
case, the user had logged in to the compromised ISP's host, then to
the SourceForge.net project shell server; as result of the compromised
nature of the ISP's host, it was possible for the intruder to capture
the password the SourceForge.net staff member used in accessing that
"The SourceForge.net team has since established more rigorous
guidelines for host connectivity, so as to reduce the risk involved
with this type of security compromise," it said.
ISN is hosted by SecurityFocus.com