[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Fw: Spread Firefox Security Notice
- To: Development Discussions <developer at arabeyes dot org>
- Subject: Re: Fw: Spread Firefox Security Notice
- From: arn at scs-net dot org
- Date: Wed, 5 Oct 2005 10:52:41 +0200
- User-agent: Internet Messaging Program (IMP) 3.2.1
No problem with firefox on windows for the moment... What version do you use ?
Regards
Armelle
Quoting hamed <hamed_fcs at hotpop dot com>:
> salam,
>
> I used to notice that firefox consums all the speed
> of my machine since few days, so I suspect windows
> then I recieved this message!
> is there any relation ???
>
> Thanks,
> Hamed
>
> ----- Original Message -----
> From: <admin at spreadfirefox dot com>
> To: <announce at spreadfirefox dot com>
> Sent: Tuesday, October 04, 2005 6:48 AM
> Subject: Spread Firefox Security Notice
>
>
> > The Spread Firefox Team became aware this week that the server hosting
> > Spread Firefox, our community marketing site, has been accessed by
> > unknown remote attackers who attempted to exploit a security
> > vulnerability in TWiki software installed on the server. The TWiki
> > software was disabled as soon as we were aware of the attempts to access
> > SpreadFirefox.com. This exploit was limited to SpreadFirefox.com and
> > did not affect mozilla.org web sites or Mozilla software.
> >
> > We have scanned Spread Firefox servers and at this time do not believe
> > any sensitive data was taken, but as a precautionary measure we have
> > shutdown the site and will be rebuilding the web site from scratch. We
> > also recommend that you change your Spread Firefox password and the
> > password of any accounts where you use the same password as your Spread
> > Firefox account. We will notify you again when the site is back up with
> > instructions on how to change your password. (Note: We do use MD5
> > hashing on the passwords, but MD5 cannot protect all passwords against
> > off-line dictionary style attacks.)
> >
> > After Spread Firefox was compromised in July, we instituted procedures
> > to ensure that we apply all security fixes to the software running the
> > site (Drupal and PHP) as soon as they become available. Unfortunately,
> > those procedures overlooked the installation of the TWiki software since
> > it is not used by the main Spread Firefox site. When the system is
> > rebuilt, all the software will be audited to ensure that security
> > updates will be applied in a timely manner. We deeply regret this
> > incident and any inconvenience this may have caused you. Sincerely,
> >
> > Spread Firefox Team
> > Mozilla Foundation
> >
>