[Wine] WineHQ database compromise

Josh Juran josh at iswifter.net
Tue Oct 11 15:39:52 CDT 2011


On Oct 11, 2011, at 12:13 PM, Jeremy White wrote:

> What we know at this point that someone was able to obtain unauthorized
> access to the phpmyadmin utility.  We do not exactly how they obtained
> access; it was either by compromising an admins credentials, or by
> exploiting an unpatched vulnerability in phpmyadmin.

Insecure HTTP access?

> Unfortunately, the attackers were able to download the full login
> database for both the appdb and bugzilla.  This means that they have all
> of those emails, as well as the passwords.  The passwords are stored
> encrypted, but with enough effort and depending on the quality of the
> password, they can be cracked.
> 
> This, I'm afraid, is a serious threat; it means that anyone who uses the
> same email / password on other systems is now vulnerable to a malicious
> attacker using that information to access their account.

Since bugzilla passwords were sent in cleartext anyway, I sincerely hope none of them were otherwise valuable.  (Remember FireSheep?)

> We are going to be resetting every password and sending a private email
> to every affected user.

You might also consider expiring old login cookies.  

> This is again another reminder to never use a common username / password
> pair.  This web site provides further advice as well:
> http://asiknews.wordpress.com/2011/03/02/best-practice-password-management-for-internet-web-sites/

Josh





More information about the wine-users mailing list