Difference between revisions of "DBSA:2013-0004"
(Created page with "'''DBSA ID:''' {{PAGENAME}} '''Regarding:''' Debian-Multimedia repository potential compromise '''Related to:''' DBSA:2013-0002 '''Writeup:''' ~~~~ '''Date:''' 2013 05...") |
m |
||
(4 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
'''DBSA ID:''' {{PAGENAME}} | '''DBSA ID:''' {{PAGENAME}} | ||
− | '''Regarding:''' Debian-Multimedia repository potential compromise | + | '''Regarding:''' Debian-Multimedia repository potential for compromise |
− | |||
− | |||
'''Writeup:''' [[User:Kradorex Xeron|Kradorex Xeron]] ([[User talk:Kradorex Xeron|talk]]) 02:23, 15 June 2013 (EDT) | '''Writeup:''' [[User:Kradorex Xeron|Kradorex Xeron]] ([[User talk:Kradorex Xeron|talk]]) 02:23, 15 June 2013 (EDT) | ||
− | '''Date:''' 2013 | + | '''Date:''' 2013 06 15 |
'''Last Modified:''' {{REVISIONTIMESTAMP}} by {{REVISIONUSER}} | '''Last Modified:''' {{REVISIONTIMESTAMP}} by {{REVISIONUSER}} | ||
Line 19: | Line 17: | ||
'''Rationale:''' The domain name may be misused at any point to attempt to hijack the systems updating against the repository. | '''Rationale:''' The domain name may be misused at any point to attempt to hijack the systems updating against the repository. | ||
− | '''Severity:''' | + | '''Severity:''' LOW |
− | '''Rationale:''' There has been no observed impact, but the network hosting the current 'debian-multimedia.org' domain is | + | '''Rationale:''' There has been no observed impact, but the network hosting the current 'debian-multimedia.org' domain is a potential risk for misuse of the domain name. |
'''Spread of Issue:''' LIMITED MEDIUM | '''Spread of Issue:''' LIMITED MEDIUM | ||
Line 28: | Line 26: | ||
==Description== | ==Description== | ||
− | The domain name | + | The domain name debian-multimedia.org that supports a widely used unofficial software repository, 'debian-multimedia' has had its domain name taken over by a party unrelated to the Debian project in any official or unofficial capacity. The project has thus moved to the domain name deb-multimedia.org |
==Technical Details== | ==Technical Details== | ||
Line 36: | Line 34: | ||
Those affected are advised to visit http://deb-multimedia.org and install the new location of the repository and remove the old, 'debian-multimedia.org' repository from apt configuration. | Those affected are advised to visit http://deb-multimedia.org and install the new location of the repository and remove the old, 'debian-multimedia.org' repository from apt configuration. | ||
− | It is advised to treat the 'debian-multimedia.org' domain name as compromised and audit any transfers performed . | + | It is advised to treat the 'debian-multimedia.org' domain name as compromised and audit for any transfers performed. |
==References== | ==References== |
Latest revision as of 01:37, 15 June 2013
DBSA ID: 2013-0004
Regarding: Debian-Multimedia repository potential for compromise
Writeup: Kradorex Xeron (talk) 02:23, 15 June 2013 (EDT)
Date: 2013 06 15
Last Modified: 20130615013737 by Kradorex Xeron
Who should take note: Debian (and derivative) Users and System Administrators
Classification
Priority: HIGH
Rationale: The domain name may be misused at any point to attempt to hijack the systems updating against the repository.
Severity: LOW
Rationale: There has been no observed impact, but the network hosting the current 'debian-multimedia.org' domain is a potential risk for misuse of the domain name.
Spread of Issue: LIMITED MEDIUM
Rationale: Considering that 'debian-multimedia' is not a core repository of Debian installations and most derivatives thereof, the spread does not qualify for a "HIGH" rating, but is increased due to the high usage of the packages serviced by the repository.
Description
The domain name debian-multimedia.org that supports a widely used unofficial software repository, 'debian-multimedia' has had its domain name taken over by a party unrelated to the Debian project in any official or unofficial capacity. The project has thus moved to the domain name deb-multimedia.org
Technical Details
There is no technical details to discuss in this advisory.
Mitigation/Solution
Those affected are advised to visit http://deb-multimedia.org and install the new location of the repository and remove the old, 'debian-multimedia.org' repository from apt configuration.
It is advised to treat the 'debian-multimedia.org' domain name as compromised and audit for any transfers performed.