forum.excito.org

I just found that my b3 was vulnerable at this exploit:

http://www.exploit-db.com/exploits/29290/

It appears to have been announced only a few days ago, but it is already widespread, so I think all the bubba users with external access to their system could be at risk

the php5 package is in excito's repositories so even if someone plugs the vulnerability at debian.org, it will not appear as an upgrade to bubba users...

thanks and best regards

giovanni

Really?

http://forum.excito.net/viewtopic.php?f=9&t=4633

Edit: Sorry I was being myself again .
The exploit is known for a few days and Excito has created a patch. This patch should go live with days, after which you can protect yourself via the web-based update utility. If you read the thread I mentioned above you can see what you can do to prevent this attack for your machine.

Showing off your good side Ubi?

No problem...

I'm slightly busy, leaving for antarctica in a week, and my b3 works as an hub for my e-mail accounts, collecting everything and sending me a digest thru the laughable bandwidth of the e-mail account I have there: the timing of the attack could not be worse! The damn thing has literally become "the heart of my digital life" or whatever was the exact phrasing!

Yesterday I tried to find something related in the forum, I expected to see an active post (as it is now...), but didn't see anything. meh. maybe I was too tired.

Well, what's important is that I'll be able to plug the vulnerability before leaving

thanks again!