Weekly Edition
Return to the Security page
| |||||||||||||
Backdoor inserted into Piwik
The Piwik web server analytics package was
given an undesirable feature — a backdoor — as the result of a
compromise of the piwik.org server. "You would be at risk only if you installed or updated to Piwik 1.9.2 on Nov 26th from 15:43 UTC to 23:59 UTC.
If you are not using 1.9.2, or if you have updated to 1.9.2 earlier than
Nov 26th 15:40 UTC or from Nov 27th, you should be safe." The
announcement has details on the backdoor and how to detect it.
(Log in to post comments)
Backdoor inserted into Piwik Posted Nov 27, 2012 19:37 UTC (Tue) by lkundrak (guest, #43452) [Link] "an undesirable feature — a backdoor"Made me laugh aloud :)
Backdoor inserted into Piwik Posted Nov 28, 2012 12:37 UTC (Wed) by njwhite (subscriber, #51848) [Link]
Their advice to backup config.ini.php and then unpack a fresh install is sensible, but does point to an issue with having a config file be direct code; if they'd decided to add part of the backdoor to config.ini.php, restoring things could have got rather trickier.
Anyway, it's a good advisory, and it looks like they did a very good job of responding. The forum post linked to there has more details of what the backdoor does, for those interested: http://forum.piwik.org/read.php?2,97666
|
|||||||||||||