[+] Wayc0de's Blog[+]

13/10/11

WineHQ database hacked, passwords stolen

Summary: Malicious hackers exploit vulnerabilities in phpmyadmin to gain access to WineHQ’s database. Usernames and passwords were stolen.

Add WineHQ to the list of open-source projects struggling to contain a serious security breach.

WineHQ, which manages software that’s used to run Windows applications on Linux, BSD, Solaris and Mac OS X, confirmed the breach and warned that the intruders were able to hijack usernames and passwords.

“What we know at this point is that someone was able to obtain unauthorized access to the phpmyadmin utility. We do not know exactly how they obtained access; it was either by compromising an admin’s credentials, or by exploiting an unpatched vulnerability in phpmyadmin,” according to Jeremy White of Codeweavers, a company that sells a supported version of Wine.

White said the company had “reluctantly provided access to phpmyadmin to the appdb developers,” which offered a prime target for hackers.


More from White’s statement:

We do not believe the attackers obtained any other form of access to the system.

On the one hand, we saw no evidence of harm to any database. We saw no evidence of any attempt to change the database (and candidly, using the real appdb or bugzilla is the easy way to change the database).

Unfortunately, the attackers were able to download the full login database for both the appdb and bugzilla. This means that they have all of those emails, as well as the passwords. The passwords are stored encrypted, but with enough effort and depending on the quality of the password, they can be cracked.

This, I’m afraid, is a serious threat; it means that anyone who uses the same email / password on other systems is now vulnerable to a malicious attacker using that information to access their account.

We are going to be resetting every password and sending a private email to every affected user.

In recent months, hackers have broken into the Linux Foundation websites and the kernel.org Linux archive site.
