Add WineHQ to the list of open-source projects struggling to contain a serious security breach.
WineHQ, which manages software that’s used to run Windows applications on Linux, BSD, Solaris and Mac OS X, confirmed the breach and warned that the intruders were able to hijack usernames and passwords.
“
What we know at this point that someone was able to obtain unauthorized access to the phpmyadmin utility. We do not exactly how they obtained access; it was either by compromising an admins credentials, or by exploiting an unpatched vulnerability in phpmyadmin,” according to Jeremy White of Codeweavers, a company that sells a supported version of Wine.
White said the company had “reluctantly provided access to phpmyadmin to the appdb developers” which offered a prime target for hackers.
Read more
