WineHQ database compromise
tijnema at gmail.com
Tue Oct 11 17:00:24 CDT 2011
On Tue, Oct 11, 2011 at 9:13 PM, Jeremy White <jwhite at codeweavers.com> wrote:
> I am sad to say that there was a compromise of the WineHQ database system.
> What we know at this point that someone was able to obtain unauthorized
> access to the phpmyadmin utility. We do not exactly how they obtained
> access; it was either by compromising an admins credentials, or by
> exploiting an unpatched vulnerability in phpmyadmin.
Almost 2 years ago I have sent you an email privately about a security
hole with the database. To be exactly, the date of the email is Wed,
Jul 29, 2009, 12:00 AM (GMT +02:00). I guess that's probably the same
trick the bad guys have used...
More information about the wine-devel