attacco a Sabayon Forum

Scrivi qui tutto quello che non riguarda Sabayon Linux

Moderator: Moderators

Post Reply
Simple Hen
Posts: 68
Joined: Sat Mar 17, 2012 18:19
Location: Roma Sud

attacco a Sabayon Forum

Post by synux » Thu Oct 31, 2013 22:36

Buongiorno a Tutti.
Ho ricevuto una email da un amministratore del forum di sabayon e vorrei sapere se altri utenti l'hanno ricevuta.
Se è stato catturato il mio indirizzo email, devo prendere qualche precauzione?
L'email ricevuta recita:

TL;DR: change your wiki, forum and bugzilla passwords ASAP!

Dear users,
a couple of days ago, during the night between Oct 28 and Oct 29 (GMT time,
+0000), the credentials of one of our forum administrator were stolen and
used to conduct an attack against our wiki, forum, bugzilla installations.
The attacker used these credentials to inject php code into our forum FAQ
page as a way to install two backdoor scripts (cache2.php and cache3.php)
and gain full access to all the user accounts on our web infrastructure (we
used a centralized authentication system based on phpbb). In particular,
your username, email and encrypted password (we do not store clear text
passwords but phpBB uses salted double MD5, which is considered, to some
extent, weak by some experts).
I have been able to successfully analyze the whole incident (the audit took
me a couple of days), and take all the countermeasures needed so that it
won’t happen again.
In particular, I have improved the alerting system such that it can
autonomously and rapidly take action in case of unexpectedly uploaded files
to our servers (and much more, btw). The database has been restored from
one of our almost-hourly backups.

We apologize for any inconvenience that we may have caused you.
We advise you to change your forum and bugzilla passwords as soon as

User avatar
Sagely Hen
Posts: 3343
Joined: Sun Sep 21, 2008 1:12
Location: Italy

Re: attacco a Sabayon Forum

Post by sabayonino » Fri Nov 01, 2013 16:33


l'invito è di cambiare la password per tutti i servizi offerti da (forum,homepage,bugzilla etc)

Post Reply