Slashdot Mirror

← Back to Stories (view on slashdot.org)

PostNuke Open Source CMS Attacked

Posted by michael on from the ruh-roh-shaggy dept.

ValourX writes "This morning the developers of the free software content management system PostNuke posted a security announcement saying that a vulnerability in the paFileDB download management software allowed an attacker to put up a hacked version of PostNuke for download. That version was live on the PostNuke download site between Sunday at 23:50 GMT and Tuesday at 8:30 GMT. Proprietary software zealots are always saying that open source programs are likely to contain backdoors, but is this situation truly what they mean when they say that? NewsForge (part of OSTG) has the story."

1 of 300 comments (clear)

  1. Content Management Systems by echocharlie · · Score: 3, Informative
    PostNuke was a fork of PHP-Nuke, which itself was a poor system to develop and maintain. It doesn't surprise me that this has happened to PostNuke despite their efforts to secure the system. I'm glad they discovered this relatively quickly though.

    --
    AnimeNEXT anime convention