Closed
Bug 401491
Opened 17 years ago
Closed 17 years ago
Mozilla Developer News blog posts contain spam links
Categories
(mozilla.org Graveyard :: Server Operations, task)
mozilla.org Graveyard
Server Operations
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: alqahira, Assigned: justdave)
References
()
Details
You'll have to view source on the pages, or read the Mozilla Developer News posts on planet.m.o where they're visible, but there is a <p><font style="position: absolute;overflow: hidden;height: 0;width: 0"><br /> containing a bunch of spam links at the bottom of that post, and at least the previous post http://developer.mozilla.org/devnews/index.php/2007/10/08/keeping-an-eye-on-blockers/ as well.
Comment 1•17 years ago
|
||
So, this is a dupe of bug 401382, which is already resolved as fixed. So, there's either a 0day exploit being used to do this, or somebody's password got compromised. Need to see what IPs have accessed the admin interface in the last day and check what accounts were used.
Assignee: nobody → server-ops
Component: Administration → Server Operations
OS: Mac OS X → All
Product: Mozilla Developer Center → mozilla.org
QA Contact: administration → justin
Hardware: PC → All
Version: unspecified → other
Assignee | ||
Comment 3•17 years ago
|
||
There was a compromised password. Wordpress doesn't keep detailed enough logs to find out whose was used. :( Everyone with enough access to have done this (total of 28 people) had their passwords reset, and a mail was sent telling them so.
Status: NEW → RESOLVED
Closed: 17 years ago
Resolution: --- → FIXED
Assignee | ||
Updated•17 years ago
|
Assignee: server-ops → justdave
Updated•9 years ago
|
Product: mozilla.org → mozilla.org Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•