Wireshark-dev: [Wireshark-dev] Wireshark Wiki Security Incident
From: Gerald Combs <gerald@xxxxxxxxxxxxx>
Date: Wed, 09 Jan 2013 12:25:50 -0800
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On July 25, 2012 an intruder gained access to the server that hosts
wiki.wireshark.org, blog.wireshark.org, and ask.wireshark.org. This
intrusion went undetected until January 8, 2013.

What was affected?

As far as we can tell the only service affected was
wiki.wireshark.org. The Wireshark source code repository, bug tracker,
mailing lists, and other services reside on other hosts and do not
appear to be impacted.

What are you doing?

Wiki.wireshark.org is down and is being rebuilt from scratch. Even
though ask.wireshark.org and blog.wireshark.org don't appear to be
impacted they were on the same host and are being rebuilt from scratch
as well.

We are still conducting an investigation into the full extent of the
breach and will update this page with any new information.

What should I do?

Your password on wiki.wireshark.org will be disabled. If you used that
password anywhere else you should change that password immediately.

More Information

http://wiki.debian.org/DebianWiki/SecurityIncident2012
http://pyfound.blogspot.com/2013/01/wikipythonorg-compromised.html


I would like to offer my apologies for any inconvenience this may have
caused.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (Darwin)
Comment: Using GnuPG with undefined - http://www.enigmail.net/

iEYEARECAAYFAlDt0k4ACgkQpw8IXSHylJqoOACgnx4TE1PHk48wWX+1SQff1jUN
C40AoKs+TK+0igVLHRhu3iPUDRiRtET0
=8yFC
-----END PGP SIGNATURE-----