Thursday, January 10, 2013

Information published on the break-in

Following the hacking of a site, information has been received that intruders penetrated the server hosting a site that was running a vulnerable version of the MoinMoin wiki engine. The site was compromised on December 28, the day before the release of MoinMoin 1.9.6 with security fixes.

As in the case of the attack on the Debian project wiki, analysis of the incident showed that the attacker was able to access the system only as the user moin and could not elevate privileges to the user root. After gaining access, the attacker tried to delete all the files belonging to the user moin, and this revealed his presence. Unfortunately, the attacker gained access to the user databases of the Python and Jython project wiki sites, which contain, among other things, password hashes. In this connection, the process of changing passwords has been initiated for users and

In addition, there is information about the exploitation of these vulnerabilities (CVE-2012-6081) in July 2012, almost half a year before information about the security problem became public. Thus, unnoticed attacks on the infrastructure of well-known projects using MoinMoin 1.9.x cannot be ruled out. In particular, it is known that the affected versions were installed on, / wiki, and MoinMoin is also used on the sites,,, / wiki and

