Source: http://lists.centos.org/mailman/listinfo/centos-announce


Below is a brief summary of the situation. For more detailed and accurate information, please refer to the original text.


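The CentOS team reports that suspicious files were found on the CentOS web server and that the intrusion appears to have come through Xoops, which is used as the forum.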

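They say the issue was an administrative problem and has been resolved, and they recommend that users registered on the centos.org forum change their password through the Xoops "lost password" menu.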


The original text follows.

Dear Users,
on Friday evening, July 3rd (UTC) we found a few suspicious files on the CentOS webserver.
Upon investigating we found out that the files had been put there through Xoops
(the CMS www.centos.org runs on) - and that this was possible due to an administrative error
which has been corrected.

As far as we can see there has been no data or binary injected into the system or taken from the system.
The machine hasn't been used as a source for sending spam (in the widest possible meaning) either.

We have been able to identify the source of the attacks, but have not been able to find out
if the files have been put there through a compromised user account in the Xoops system.

Although we are fairly sure that there has been no such compromise, we have enforced a password
expiry on all accounts on the system.

wiki.centos.org and bugs.centos.org - though being on the same machine - have not been affected by this.
All users having an account on www.centos.org need to acquire a new password through the "lost password"
system of Xoops.

We are terribly sorry for any inconvenience this might cause you and would like to apologize for that.
On behalf of the CentOS team

Related links:
http://www.centos.org
http://lists.centos.org/mailman/listinfo/centos-announce
