Mozilla Developer News blog posts contain spam links

RESOLVED FIXED

Status

mozilla.org Graveyard
Server Operations
--
major
RESOLVED FIXED
11 years ago
3 years ago

People

(Reporter: Smokey Ardisson (offline for a while; not following bugs - do not email), Assigned: justdave)

Tracking

Details

(URL)

You'll have to view source on the pages, or read the Mozilla Developer News posts on planet.m.o where they're visible, but there is a  

<p><font style="position: absolute;overflow: hidden;height: 0;width: 0"><br />

containing a bunch of spam links at the bottom of that post, and at least the previous post http://developer.mozilla.org/devnews/index.php/2007/10/08/keeping-an-eye-on-blockers/ as well.
So, this is a dupe of bug 401382, which is already resolved as fixed. So, there's either a 0day exploit being used to do this, or somebody's password got compromised. Need to see what IPs have accessed the admin interface in the last day and check what accounts were used.
Assignee: nobody → server-ops
Component: Administration → Server Operations
OS: Mac OS X → All
Product: Mozilla Developer Center → mozilla.org
QA Contact: administration → justin
Hardware: PC → All
Version: unspecified → other
Duplicate of this bug: 401490
There was a compromised password.  Wordpress doesn't keep detailed enough logs to find out whose was used. :(

Everyone with enough access to have done this (total of 28 people) had their passwords reset, and a mail was sent telling them so.
Status: NEW → RESOLVED
Last Resolved: 11 years ago
Resolution: --- → FIXED
Assignee: server-ops → justdave
Product: mozilla.org → mozilla.org Graveyard
You need to log in before you can comment on or make changes to this bug.