[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Fw: Spread Firefox Security Notice



No problem with firefox on windows for the moment... What version do you use ?

Regards
Armelle

Quoting hamed <hamed_fcs at hotpop dot com>:

> salam,
> 
> I used to notice that firefox consums all the speed
> of my machine since few days, so I suspect windows
> then I recieved this message!
> is there any relation ???
> 
> Thanks,
> Hamed
> 
> ----- Original Message ----- 
> From: <admin at spreadfirefox dot com>
> To: <announce at spreadfirefox dot com>
> Sent: Tuesday, October 04, 2005 6:48 AM
> Subject: Spread Firefox Security Notice
> 
> 
> > The Spread Firefox Team became aware this week that the server hosting
> > Spread Firefox, our community marketing site, has been accessed by
> > unknown remote attackers who attempted to exploit a security
> > vulnerability in TWiki software installed on the server.  The TWiki
> > software was disabled as soon as we were aware of the attempts to access
> > SpreadFirefox.com.  This exploit was limited to SpreadFirefox.com and
> > did not affect mozilla.org web sites or Mozilla software.
> > 
> > We have scanned Spread Firefox servers and at this time do not believe
> > any sensitive data was taken, but as a precautionary measure we have
> > shutdown the site and will be rebuilding the web site from scratch.  We
> > also recommend that you change your Spread Firefox password and the
> > password of any accounts where you use the same password as your Spread
> > Firefox account.  We will notify you again when the site is back up with
> > instructions on how to change your password. (Note: We do use MD5
> > hashing on the passwords, but MD5 cannot protect all passwords against
> > off-line dictionary style attacks.)
> > 
> > After Spread Firefox was compromised in July, we instituted procedures
> > to ensure that we apply all security fixes to the software running the
> > site (Drupal and PHP) as soon as they become available.  Unfortunately,
> > those procedures overlooked the installation of the TWiki software since
> > it is not used by the main Spread Firefox site.  When the system is
> > rebuilt, all the software will be audited to ensure that security
> > updates will be applied in a timely manner.  We deeply regret this
> > incident and any inconvenience this may have caused you. Sincerely,
> > 
> > Spread Firefox Team
> > Mozilla Foundation
> >
>