[leaf-devel] ANN: Website cracked

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

Everyone,
Our website was cracked using the phpWebSite announce module. A file
named nst.gif.php was uploaded to images/announce. I've removed the file
and locked down that directory. Also, I changed our database password
and hub_hash. I'm in the process of diffing the last mysqldump.

I'll keep everyone apprised of my progress.

phpWebSite-0.10.0_exploit
http://www.securityfocus.com/archive/1/391496/2005-02-21/2005-02-27/0

-- 
Mike Noyes <mhnoyes at users.sourceforge.net>
http://sourceforge.net/users/mhnoyes/
SF.net Projects: ffl, leaf, phpwebsite, phpwebsite-comm, sitedocs

[leaf-devel] ANN: Website cracked

A secure, feature-rich, customizable embedded Linux network appliance

[leaf-devel] ANN: Website cracked