[funsec] BSDNews.com is hacked and user information is exposed

Fri Apr 25 18:39:46 CDT 2008

Yeah, the site that originally had the usernames/passwords posted seems to
be down (for me at least) right now. Other site is has closed public access
to the forums, but the google cache is still up. More at
http://www.elwood.net/post/32863299.

Myself, I am just sorry I waited a week to make it public. I thought the
BSDnews people would be more on the ball then they turned out to be. Notice
finally came out today after Evan posted the news and other sites picked up
on it.

I still don't understand why they were keeping plaintext passwords for all
their users.
-- 
Jim O'Gorman
jameso at elwood.net
http://www.elwood.net

On Fri, Apr 25, 2008 at 4:32 PM, Paul Ferguson <fergdawg at netzero.net> wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> FYI.
>
> [snip]
>
> Breach Description:
> It appears that the BSDNews.com web site may have been compromised through
> an exploit of a file named "bottom.php3", which was used by the site.  The
> attacker was able to access and download user account information.  As of
> the time of this writing, BSDNews.com is offline.
>
> [snip]
>
> More:
> http://breachblog.com/2008/04/25/bsdnews.aspx
>
> - - ferg
>
> -----BEGIN PGP SIGNATURE-----
> Version: PGP Desktop 9.6.3 (Build 3017)
>
> wj8DBQFIEk34q1pz9mNUZTMRAtiOAKC87i4swNDK6pZz7oqcM86A9QIEugCfQGGc
> fP6nWpdmonXHXqGuYL42RGo=
> =gzQK
> -----END PGP SIGNATURE-----
>
>
> --
> "Fergie", a.k.a. Paul Ferguson
>  Engineering Architecture for the Internet
>  fergdawg(at)netzero.net
>  ferg's tech blog: http://fergdawg.blogspot.com/
>
>
> _______________________________________________
> Fun and Misc security discussion for OT posts.
> https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
> Note: funsec is a public and open mailing list.
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://linuxbox.org/pipermail/funsec/attachments/20080425/7db28422/attachment.htm 