Hacker Exploits a Vulnerability on GitHub

Monday Mar 5th 2012 by Developer.com Staff
Share:

Millions of projects stored on the repository are at risk from similar attacks.

Developer Egor Homakov hacked into GitHub over the weekend, demonstrating that the repository  could be breached through a mass-assignment vulnerability in Rails. Although Homakov only posted an amusing commit, hackers with more nefarious plans in mind could have exploited the security hole to delete or alter the code or history of projects stored in GitHub. GitHub currently hosts more than 2.3 million repositories, including the source code for the Linux kernel, Ruby on Rails, jQuery, Node.js, Reddit, and many others.

In response to the hack, GitHub has apologized for making it difficult to report security bugs and has taken steps to make it easier for other white hats to report problems.

View article

Share:
Home
Mobile Site | Full Site
Copyright 2017 © QuinStreet Inc. All Rights Reserved