Hey everyone, On 10/11/2011 09:13 PM, Jeremy White wrote: > Hi, > > I am sad to say that there was a compromise of the WineHQ database system. > > What we know at this point that someone was able to obtain unauthorized > access to the phpmyadmin utility. We do not exactly how they obtained > access; it was either by compromising an admins credentials, or by > exploiting an unpatched vulnerability in phpmyadmin. > > We had reluctantly provided access to phpmyadmin to the appdb developers > (it is a very handy tool, and something they very much wanted). But it > is a prime target for hackers, and apparently our best efforts at > obscuring it and patching it were not sufficient. > > So we have removed all access to phpmyadmin from the outside world. > > We do not believe the attackers obtained any other form of access to the > system. > > On the one hand, we saw no evidence of harm to any database. We saw no > evidence of any attempt to change the database (and candidly, using the > real appdb or bugzilla is the easy way to change the database). > > Unfortunately, the attackers were able to download the full login > database for both the appdb and bugzilla. This means that they have all > of those emails, as well as the passwords. The passwords are stored > encrypted, but with enough effort and depending on the quality of the > password, they can be cracked. > > This, I'm afraid, is a serious threat; it means that anyone who uses the > same email / password on other systems is now vulnerable to a malicious > attacker using that information to access their account. > You may also want to change your testbot password if you re-used your password.. https://testbot.winehq.org/ForgotPassword.pl Cheers, Maarten
