Open Source WineHQ Breached

Monday, October 17, 2011 @ 03:10 PM gHale


A major open source project, WineHQ, suffered a breach.

WineHQ, which manages Wine, an open source technology that lets users install and run Windows applications on Linux, Mac, Solaris and other operating systems, found someone broke into one of its database systems and gain access to an open source PHP tool that allows remote management of databases.

RELATED STORIES
Two Groups Join in RSA Attack
Cyber Threats Forecast for 2012
Firms Hacked and Don’t Know It
3 Face Hacking Charges in AZ, CA

Wine developer Jeremy White said it’s unclear how the intruder was able to gain unauthorized access to the PHP utility. “It was either by compromising an admins’ credentials, or by exploiting an unpatched vulnerability in phpmyadmin,” White said. White is the founder and chief executive of Codeweavers, a company that sponsors the Wine project.

WineHQ had “reluctantly” decided to allow application developers to remotely access the PHP utility because it is “a very handy tool, and something they very much wanted,” he said. “But it is a prime target for hackers, and apparently our best efforts at obscuring it and patching it were not sufficient.”

There appears to be no immediate evidence of harm to any databases though it would have been relatively easy for malicious hackers to cause damage, White said.

However, the attackers managed to harvest all the login information of users of the Wine Application Database (AppDB) and Bugzilla, the WineHQ bug tracking system, White said.

“This means that they have all of [the email addresses], as well as the passwords,” of AppDB and Bugzilla users, he said.

“The passwords are stored encrypted, but with enough effort and depending on the quality of the password, they can be cracked,” White said. “This, I’m afraid, is a serious threat; it means that anyone who uses the same email/password on other systems is now vulnerable to a malicious attacker using that information to access their account.”

WineHQ is resetting the passwords of all affected users, he added.

WineHQ is the second open source project to suffer from a breach in the past two months. In August, hackers broke into Kernel.org, the home of the Linux project, and gained administrative access to several servers within the kernel.org infrastructure.

That breach led to a subsequent breach that resulted in several websites, including Linux.com and LinuxFoundation.org, going offline in September.

SourceForge, an open-source software development site that hosts more than 260,000 open source projects, hosts WineHQ. SourceForge suffered a hack attack itself in January something some believe may have focused on corrupting projects hosted on the site.



Leave a Reply

You must be logged in to post a comment.