Jochen Schulz <> scribbled on Monday, September 19, 2005 19:55:

> Joseph Jones:
>>
>> Somebody attacked the wiki through a vulnerability, and my
>> understanding is that this also gave them access to other parts of the
>> Rockbox infrastructure. Namely, the mailing list.
>
> The tiwki vulnerability enabled everyone to execute shell comands with the
> privileges of the www/wiki user. The attacker launched 'rm -rf /' ("Delete
> everything" in UNIX) and that deleted everything the user was allowed to
> delete.

Somebody who wasn't happy with Rockbox maybe? ;-)
Received on Tue Sep 20 08:43:23 2005