Slashdot Mirror
PostNuke Open Source CMS Attacked
ValourX writes "This morning the developers of the free software content management system PostNuke posted a security announcement saying that a vulnerability in the paFileDB download management software allowed an attacker to put up a hacked version of PostNuke for download. That version was live on the PostNuke download site between Sunday at 23:50 GMT and Tuesday at 8:30 GMT. Proprietary software zealots are always saying that open source programs are likely to contain backdoors, but is this situation truly what they mean when they say that? NewsForge (part of OSTG) has the story."
Developers free software content management system PostNuke security announcement vulnerability download management software attacker hacked PostNuke download. Version PostNuke download site Sunday GMT Tuesday GMT. Proprietary software zealots open source contain backdoors.
All I'm asking is can I get a Beowulf cluster of dat.
vicious, untreated political sewage...niche entertainment for the spiritually unattractive...worshipless pap
by reading EULA carefully, perhaps? :-)
Must... resist... goatse... troll...
You must have never gone to a .NET developer meeting. A few people in the CIS dept (the business side of IT, not the engineering folk) had such a club going, which I attended a few times for the free food, tshirts, copy of WinXP, copy of Dev Studio, etc.
These guys would claim Microsoft had invented the Sun, and should be worshipped for such an achievement. It really was interesting to observe.
At one point I won a door prize of my pick between several "writing secure code" books by MS Press. I said if I wanted to learn how to write secure code, I think I could find someone better than MS to learn from... everyone just stared at me slack jawed.
no comment
A site is responsible for distributing an application based on a platform that's been a script kiddie playground for years now.
The site gets its source code respositories compromised.
The site's maintainers apparently don't verify any MD5 checksums on a regular basis.
The general public knownigly downloads said compromised source code without verifying any MD5 checksums either.
Boy oh boy. I thought Windows "experts" were clueless.
Because if you can label them something bad (racist, homophobe, zealot, nutball, nazi, commie, etc), then you can promptly dismiss their argument without addressing it.
Pfft! I don't have to listen to your explanation, you freaky nutjob!
Well no. But the open source crowd claim to be better and more efficient at many things. Perhaps they are better at dealing the whistlebowers as well. Perhaps, with a little bit of investi$%@#+++carrier lost
I love how the news sites always use the term "attacker". We all know it was Doug, you know it and I know it. And thanks a lot Doug! You jerk!
--I'm not talking about dance lessons. I'm talking about putting a brick through the other guy's windshield.-
Boy, that's a whole lotta redundancy...
Dangerous Dianic d00dz
Degenerate Druidic Desperadoes
Angry Asinine Animists
Oily Ogling Odinists
there ya go, let no man feel left behind!
It also has some really bad spelling. Leave it to the left-wing pillow-biting tree huggers to leave literacy for the golden arches of welfare.
Sorry. I just had to say it. :-)
You need to restart your computer. Hold down the Power button for several seconds or press the Restart button.
Plagarized, I have been! :-)
Who is this 'Dr. Spock?'
Know him, I do not...:-)
-- "May the Source be with you!"
But aside from all that, what have the Romans ever done for us?
Black and grey are both shades of white.