Exploits galore

Skip to content
Skip to site navigation

Written by Counterpoint

Feb 25, 2006 at 01:18 AM

counterpoint

Not really a week to remember, the world seems to have been conspiring against us. It was bad enough finding out about a new exploit in Mambo. But we'd no sooner fixed it than we seemed to be the focus of a worldwide panic about Linux worms! It is really painful for people who get hacked, and we do our level best to resist it. Sadly, it takes time to block up all the holes, and despite taking a lot of care, there is always the risk that new holes will appear.

The real Mambo problem came to us from a security researcher, just at a bad time. The old Mamboforge was down and The Source was still in preparation. So part of the problem was to find a distribution mechanism. The fix was actually written within hours of the issue being raised. It is always difficult to figure out exactly how to give out the fix, and how to get a balance between giving information and helping hackers. If anyone has good ideas on this, please talk to us!

Mare.D was built up into a story that spread around the internet like wildfire. We still don't know why. Some people are keen to build up Linux related vulnerabilities, and there is suspicion that journalists are wound up by the security companies themselves. Anyway, it turned out that there was really no foundation to the story, unless it was that we had just passed the first anniversary of an old exploit in Mambo!

In the middle of all the security excitement, I had to go to a real world meeting, not to do with Mambo. I'd almost forgotten what a bother it can be, finding parking, catching trains, standing on cold railway stations. Oddly enough, the same day, there was a Mambo Foundation Board meeting – four people from three different continents, and none of us left our offices. We used Skype, so it was yet another case of the internet making life easier – how did we ever manage without it?

-counterpoint

User Comments

No user comments to date. Why don't you write one?

<Previous		Next>

Back

Stay Informed

Join the Mambo fun on facebook!

Follow Mambo on Twitter. This is the official (and only) Twitter account for Mambo.

Buy your Mambo books here and help support Mambo at the same time!

Subscribe to our Security Mailing List to receive security notifications.

Get Help

Mambo Manual

Our user manual and developer guide. Jump inside and find out how Mambo works for you.

Mambo Forums

The place to help and be helped.

Mambo Support

Knowledgebase chock full of tips, tricks, how-to's and best practise to help you get the most out of using Mambo.

Mambo Services

Can't do it alone? You don't need to! We have a growing list of Mambo professionals who will be happy to help you out.

What is Mambo?

Mambo is a full-featured, award-winning content management system that can be used for everything from simple websites to complex corporate applications. It is used all over the world to power government portals, corporate intranets and extranets, ecommerce sites, nonprofit outreach, schools, church, and community sites. Mambo's "power in simplicity" also makes it the CMS of choice for many small businesses and personal sites.

Mambo is one of the most powerful Open Source Content Management Systems on the planet and with almost 8 million downloads, Mambo is arguably one of the most popular CMS's in the world. Mambo is easy to install, simple to manage, and reliable.

About this site

The mambo-news.org site has been built with the world's most popular CMS - Mambo!

This is a basic install of Mambo Lite 4.6.5.

The site uses the following 3rd party extensions:

Thick-RSS module from Horst Lindlbauer;

Mambo News