Language Selection

English French German Italian Portuguese Spanish

WineHQ database compromise

Filed under
Software
Security
Web

I am sad to say that there was a compromise of the WineHQ database system.

What we know at this point that someone was able to obtain unauthorized access to the phpmyadmin utility. We do not exactly how they obtained access; it was either by compromising an admins credentials, or by exploiting an unpatched vulnerability in phpmyadmin.

We had reluctantly provided access to phpmyadmin to the appdb developers (it is a very handy tool, and something they very much wanted). But it is a prime target for hackers, and apparently our best efforts at obscuring it and patching it were not sufficient.

So we have removed all access to phpmyadmin from the outside world.

We do not believe the attackers obtained any other form of access to the system.

Rest here




More in Tux Machines

today's howtos

Leftovers: Gaming

Red Hat and Fedora

Canonical and Ubuntu

  • OpenStack Solution Provider Awnix Joins Canonical's Cloud Partner Programme
    Canonical has been excited to announce that Awnix, an OpenStack solution provider with over 25 years of experience designing systems for enterprise data center environments, has joined its Partner Reseller Programme for cloud solutions.
  • Docker Has No Plans to Ditch Ubuntu in Favor of Alpine Linux - Report
    If you've been reading the news lately, you may have heard rumors that Docker founders hired the developer of Alpine Linux, a small, text-based distribution, to move the official Docker images away from the Ubuntu infrastructure.
  • More Android Vendors Said To Be Eyeing Ubuntu Phones This Year
    A greater number of Android smartphone/tablet vendors are said to be eyeing Ubuntu Phone for new devices later this year. In an interview published this morning by The Register, Canonical CEO Jane Silber talked about their communications with more (unnamed) Android vendors and supposedly seeing some other vendors offering Ubuntu Phone products later in 2016.