Slashdot Mirror


PostNuke Open Source CMS Attacked

ValourX writes "This morning the developers of the free software content management system PostNuke posted a security announcement saying that a vulnerability in the paFileDB download management software allowed an attacker to put up a hacked version of PostNuke for download. That version was live on the PostNuke download site between Sunday at 23:50 GMT and Tuesday at 8:30 GMT. Proprietary software zealots are always saying that open source programs are likely to contain backdoors, but is this situation truly what they mean when they say that? NewsForge (part of OSTG) has the story."

2 of 300 comments (clear)

  1. Re:Friend or Foe by Anonymous Coward · · Score: 5, Funny
    I prefer the backdoors that I can see and deal with to the ones I cannot.


    Must... resist... goatse... troll...

  2. Re:Article submitter: -1, troll by zapp · · Score: 4, Funny

    You must have never gone to a .NET developer meeting. A few people in the CIS dept (the business side of IT, not the engineering folk) had such a club going, which I attended a few times for the free food, tshirts, copy of WinXP, copy of Dev Studio, etc.

    These guys would claim Microsoft had invented the Sun, and should be worshipped for such an achievement. It really was interesting to observe.

    At one point I won a door prize of my pick between several "writing secure code" books by MS Press. I said if I wanted to learn how to write secure code, I think I could find someone better than MS to learn from... everyone just stared at me slack jawed.

    --
    no comment