Jump to content
aelius

OpenSuse forum hacked - 79500 users compromised

Recommended Posts

Posted (edited)

After Snapchat hack, this can be another worst data breach of the new year. A Pakistani hacker 'H4x0r HuSsY' has successfully compromised the official Forum of 'openSUSE', a Linux distro developed, sponsored & supported by SUSE.

The hacker managed to deface the Forum and uploaded its custom message page as shown and account information of 79,500 registered users' may have been compromised.

The popular website MacRumors's Forum was compromised in last November using an alleged zero day exploit, which is based on vBulletin, a famous forum software. The openSUSE Forum is also based upon vBulletin.

Another interesting fact is that openSUSE is still using vBulletin 4.2.1, which is vulnerable to inject rogue administrator accounts flaw. Whereas, the latest patched vBulletin 5.0.5 is available. Possibly, Hacker exploits same or another known vBulletin version 4.2.1 vulnerability to access the website's administrative panel.

openSUSE+vBulletin+hacked.png

Read more: Exclusive - openSUSE Forum Hacked; 79500 Users' Data Compromised

Nota personala:

Mie imi pare o cacanarie sa se intample asta cu un soft comercial. Costul nu este deloc mic si pe langa costul lui, trebuie sa platesti pentru suport. Suport la ce ? La o saracie low-end cu gauri de securitate?! Se pare ca vBulletin devine un fel de mambo. Cine e vechi pe net stie ce nebunie era inainte la mambo / joomla.

Observ din imaginile de acolo ca au folosit inclusiv un phpshell. Cat de retard sa fie un admin incat sa nu stie sa dezactiveze niste functii php si sa instaleze ceva module de protectie (just in case).

Edited by aelius

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.



×
×
  • Create New...