LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

Pencil, Pencil, and Pencil

Dividing the Linux desktop

LWN.net Weekly Edition for June 13, 2013

A report from pgCon 2013

Little things that matter in language design

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

The backdooring of WordPress

The backdooring of WordPress

Posted Mar 8, 2007 13:02 UTC (Thu) by cate (subscriber, #1359)
In reply to: The backdooring of WordPress by tialaramex
Parent article: The backdooring of WordPress

I remember that also the kernel had a similar problem: someone inserted a backdoor in the CVS tree (the back-end of BK for some developers). Lucky not a lot of people used that version and it was discovered in one single day.

{debian machines was also attacked, but AFAIK no files were altered).

So I think that what happened to WordPress could happen also to other projects (hoping that there are no undiscovered backdoors in the wild).

(Log in to post comments)

The backdooring of WordPress

Posted Mar 15, 2007 9:24 UTC (Thu) by Wol (guest, #4433) [Link]

Yup.

The kernel bug was discovered fast because there was a nightly process updating CVS from BitKeeper - it tripped over the trojanned CVS file.

Cheers,
Wol

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds