Linux Today: Linux News On Internet Time.

More on LinuxToday

ZDNet Australia: Puzzling Site Attacks Expose Open Source Glitch

Feb 13, 2004, 16:00 (1 Talkback[s])
(Other stories by Andrew Colley)

[ Thanks to Jason Greenwood for this link. ]

"A recent spate of attacks on Macromedia Flash developer community Web sites has exposed a potential security threat in a common open source mailing list application.

"Jesse Stratford, co-founder of actionscripts.org, one of three Flash enthusiast sites hijacked over recent weeks, said hackers managed to compromise his server using a vulnerable PHP script in EMML (EternalMart Mailing List Manager).

"It took two separate attacks on the site to spot the security vulnerability, Stratford explained. The hackers were able to cover their tracks when the first attack took place around two weeks ago but were less successful in the second attack, which came within hours of actionscript.org's announcement on Saturday that it had recovered the site..."

Complete Story

Related Stories: