In association with heise online

07 July 2009, 10:41

Attack on CentOS project server

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Attackers have used a configuration error in the Xoops content management system to access the main web server of the CentOS project. According to Ralph Angenendt, system administrator at CentOS, no data has been injected into the system or stolen from it. He also stated that the server had not been used to send spam. As a precaution though, all users of the CMS will need to get a new password for the CMS through the Xoops lost password system.

The CentOS wiki and bug tracking system were not affected by the attack, despite running on the same machine. The attack was noticed on Friday 3rd of July when the administrators stumbled over some suspicious files on the CentOS server.


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit