3.28.2011

PHP code may have been tainted; users downloading it should be cautious

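According to a news post on the official PHP website, its wiki accounts were stolen because of a vulnerability in wiki.php.net. The wiki accounts are tied to SVN commit access for the PHP source, which led to the PHP code being tainted.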

The official PHP website (http://www.php.net/

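It is understood that the code for PHP 5.3.6 and later versions has been tainted. At present, only the code up to PHP 5.3.5 can be confirmed as untainted, so users downloading PHP code need to be cautious.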

Original text:
The wiki.php.net box was compromised and the attackers were able to collect wiki account credentials. No other machines in the php.net infrastructure appear to have been affected. Our biggest concern is, of course, the integrity of our source code. We did an extensive code audit and looked at every commit since 5.3.5 to make sure that no stolen accounts were used to inject anything malicious. Nothing was found. The compromised machine has been wiped and we are forcing a password change for all svn accounts.

We are still investigating the details of the attack which combined a vulnerability in the Wiki software with a Linux root exploit.

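Roughly, this says:
Because wiki accounts were stolen, the PHP source code may well have been tainted. The PHP team has, of course, done its utmost to ensure that the code since PHP 5.3.5 has not been tainted, and it is forcing a change of existing SVN passwords.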

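As for the current state of the incident, they still cannot pin down where the vulnerability lies, because they are still investigating.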

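One obvious problem is that the code for PHP 5.3.6 and later versions has been tainted. At present, only the code up to PHP 5.3.5 can be confirmed as untainted, so anyone downloading PHP code should be careful.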

Access to windows.php.net and wiki.php.net has also been suspended.
