It would appear that, on the day of July 14, 2016, the Ubuntu Forums were compromised by someone who managed to get past the security measures implemented by Canonical and access the forum’s database.
Canonical was immediately notified of the fact that someone claimed to have a copy of the Ubuntu Forums database. After some investigation, it appears that the forum’s database was indeed attacked at 20:33 UTC on July 14, 2016, by someone who injected certain formatted SQL to the database servers on the Ubuntu Forums.
“Deeper investigation revealed that there was a known SQL injection vulnerability in the Forumrunner add-on in the Forums which had not yet been patched,” said Jane Silber, Canonical CEO. “This gave them the ability to read from any table but we believe they only ever read from the ‘user’ table.”
Canonical reports that … (read more)
Remember to like our facebook and our twitter @ubuntufree for a chance to win a free Ubuntu laptop by Dell or HP!
Top Trending Pages: Ubuntu Downloads | Ubuntu How To Guide | Download Ubuntu Software | Share Ubuntu Files With Windows
