Gentoo pulls vulnerable server offline

The Gentoo Project has removed a server hosting several sites and services after the discovery of a potentially serious command injection vulnerability.

Gentoo pulls vulnerable server offline
The Gentoo Project has removed a server hosting several sites and services after the discovery of a potentially serious command injection vulnerability.

The open-source group, which produces a popular Linux distribution, said the security hole was verified within http://packages.gentoo.org.

"The Infrastructure team verified the vulnerability and the server was immediately taken down to prevent further exploitation and to allow for forensic analysis," Gentoo said in brief note on its Web site.

The server hosted the following sites and services:

  • archives.gentoo.org
  • packagestest.gentoo.org
  • scripts.gentoo.org
  • archivestest.gentoo.org
  • kiss.gentoo.org
  • packages.gentoo.org
  • stats.gentoo.org
  • survey.gentoo.org

The group said the affected server will be rebuilt while the http://packages.gentoo.org service's source undergoes a full security audit prior to being restored. The tree and all other services were unaffected.

The Gentoo site vulnerability comes on the heels of this week's security breach at Ubuntu that forced the removal of 5 of 8 productions servers from the Internet.

The Ubuntu servers were found to be missing security patches, using insecure protocols (FTP without SSL) to access the machines and without upgrades past breezy due to problems with the network cards and later kernels.

Newsletters

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.
See All