The Hacker News Logo
Subscribe to Newsletter

Official Debian and Python Wiki Servers Compromised

Administration from Debian and Python project official websites confirmed that their WIKI servers were compromised by some unknown hackers recently. Hackers was able to hack because of several vulnerabilities in "moin" package.

According to Brian Curtin at Python Project, Hacker user some unknown remote code exploit on Python Wiki server (http://wiki.python.org/) and was able to get shell access. The shell was restricted to "moin" user permissions, where but no other services were affected. Attacker deleted all files owned by the "moin" user, including all instance data for both the Python and Jython wikis.

Python Software Foundation encourages all wiki users to change their password on other sites if the same one is in use elsewhere. For now, Python Wiki is down and team is investigating more about breach.

Where as in Debian Wiki (http://wiki.debian.org/) security breach, user use some known vulnerabilities Directory traversal (CVE-2012-6080, CVE-2012-6495), Multiple unrestricted file upload vulnerabilities (CVE-2012-6081), Cross-site scripting (XSS) vulnerability (CVE-2012-6082).

Luca from Debian also mention,"We have reset all password hashes and sent individual notification to all Debian wiki account holders with instructions on how to recover their passwords".

In case of Debian, hacker compromise only 'wiki' user and have captured the email addresses and corresponding password hashes of all wiki editors. "The attacker(s) were particularly interested in the password hashes belonging to users of Debian, Intel, Dell, Google, Microsoft, GNU, any .gov and any .edu."

Both servers was compromised in December 2012, but it is not clear yet that same hacker do both hacks or not.

Have something to say about this article? Comment below or share it with us on Facebook, Twitter or our LinkedIn Group.
SHARE
Comments
Latest Stories
Best Deals

Newsletter — Subscribe for Free

Join over 500,000 information security professionals — Get the best of our cyber security coverage delivered to your inbox every morning.