NEWS CATEGORIES:

NEWS ARCHIVE >>
SOFTPEDIA REVIEWS >>
MEET THE EDITORS >>

Find us on Google+

Home > News > Security

January 25th, 2011, 17:29 GMT · By Lucian Constantin

Fedora Project Investigates Security Incident on Its Infrastructure

Adjust text size:

Hacked account prompts investigation on Fedora Project's infrastructure

The Fedora Project infrastructure team is currently investigating the compromise of a contributor's account, but preliminary results show that no significant damage resulted from it.

The security breach was announced and in an email sent to the Fedora mailing list by the project's leader, Jared Smith.

According to Mr. Smith, the incident occurred on January 22, when a project member notified the infrastructure team about an email from the Fedora Accounts System (FAS) alerting him of changes to his account he never authorized.

A quick investigation determined the account in question had been hijacked, but that hackers did not compromise the integrity of the project, despite the contributor having push access to Fedora SCM packages.

"While the user in question had the ability to commit to Fedora SCM, the Infrastructure Team does not believe that the compromised account was used to do this, or cause any builds or updates in the Fedora build system," Smith wrote.

"The Infrastructure Team believes that Fedora users are in no way threatened by this security breach and we have found no evidence that the compromise extended beyond this single account," he added.

The only thing the attackers did was to change the account's SSH key in the Fedora Accounts System and use it to log into fedorapeople.org, where they had very limited access.

The infrastructure team took file system snapshots of pkgs.fedoraproject.org and fedorapeople.org, as well as reviewed logs for SSH, FAS, Git, and Koji.

A more in-depth investigation and security audit is currently underway, but at this moment evidence suggests the account was compromised externally and via a vulnerability in the Fedora Project infrastructure.

Even though in this case the damage was almost nonexistent, account compromises of this type can have far more serious consequences. In August 2009, the Apache Project had to shut down most of its servers after a hacked account was used to upload Web shells to them.

FILED UNDER:

Fedora Accounts System

TELL US WHAT YOU THINK:

732 hits · Link to this article · Print article · Send to friend · Subscribe to news

MUST-READ RELATED ARTICLES:

ProFTPD Distribution Server Compromised and Sources Backdoored

Complex Attack Hits Apache.org Services

Admins Acknowledge Mistakes That Lead to Apache.org Hack

Apache.org Compromised by Hackers

Linux Trojan Hid in Popular IRC Server Software for Months

READER COMMENTS:

No user comments yet.

Be the first to express your opinion!

SUBMIT PROGRAM \| ADVERTISE \| GET HELP \| SEND US FEEDBACK \| RSS FEEDS \| UPDATE YOUR SOFTWARE \| ROMANIAN FORUM
© 2001 - 2012 Softpedia. All rights reserved. Softpedia® and the Softpedia® logo are registered trademarks of SoftNews NET SRL.	Copyright Information \| Privacy Policy \| Terms of Use