Compromized Department Web Servers Redirected To Adult Content
Quick Facts
- Date: 1/26/2007
- Institution: University of Arizona
- Type of Incident: Penetration
- Number Affected: N/A
- Source: ESI
- Abstract Source: Arizona Daily Star
Abstract
The University of Arizona announced that two department Web servers were recently compromised by individuals believed to reside outside of the United States. These machines, belonging to the University's Philosophy department and the to the Large Binocular Telescope Observatory, were compromised through a known vulnerability in the Twiki collaboration software. The intruder used their access to upload pornographic material to the Web sites and redirect link traffic to adult pages. Luckily, no student or sensitive data is believed to have been contained on these machines. Interestingly enough, the departments these computers belonged to were aware of the vulnerability in the program, but had not had a chance to deploy the patch to fix the problem.
