Slashdot Mirror

← Back to Stories (view on slashdot.org)

GNU Savannah Site Compromised

Posted by CmdrTaco on from the it's-gnu/secure dept.

Trailrunner7 writes "A site belonging to the Savannah GNU free software archive was attacked recently, leading to a compromise of encrypted passwords and enabling the attackers to access restricted project material. The compromise was the result of a SQL injection attack against the savannah.gnu.org site within the last couple of days and the site is still offline now. A notice on the site says that the group has finished the process of restoring all of the data from a clean backup and bringing up access to some resources, but is still in the middle of adjusting its security settings."

1 of 99 comments (clear)

  1. Let's see... by filesiteguy · · Score: 0, Offtopic

    DROP ALL

    nope.

    UPDATE USERS SET PASSWORD = '1234' WHERE NAME = %

    nope

    Dang, this Leenux stuff is way more secure than I thought!

    --
    The Kai's Semi-Updated Website Thingy