[Lazarus] Lazarus Forum seems to be hacked!

Matt Shaffer dazappa.matt at gmail.com
Thu Jan 28 08:55:08 CET 2010


Right, but what I meant was if someone manages to upload their own PHP file
to the lazarus server, they can easily have uploaded a PHP file manager
which has the capability of deleting files, etc, without ever needing
ssh/ftp (this assumes the attack was done through a vulnerable piece of
software, that had write permissions, etc.)

I don't think this scenario is extremely likely.

On Thu, Jan 28, 2010 at 2:42 AM, Florian Klaempfl <florian at freepascal.org>wrote:

> Matt Shaffer schrieb:
> > Well, there doesn't have to be shell/ftp for the person to have access
> > to files ;)
>
> To ssh, you've to hack a vpn first ;)
>
> --
> _______________________________________________
> Lazarus mailing list
> Lazarus at lists.lazarus.freepascal.org
> http://lists.lazarus.freepascal.org/mailman/listinfo/lazarus
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.lazarus-ide.org/pipermail/lazarus/attachments/20100128/120555ef/attachment-0004.html>


More information about the Lazarus mailing list