Errors

errors.ubuntu.com appears trojaned

Bug #1841273 reported by Sam
12
This bug affects 2 people
Affects Status Importance Assigned to Milestone
Errors
New
Undecided
Unassigned

Bug Description

The closest related package might be Whoopsie, though this seems to be a problem with the Ubuntu website. Hopefully it's not just involving my Ubuntu One ID and you'll be able to duplicate.

Steps to reproduce on a 16.04 system:

1) Open System Settings/Security and Privacy and click on the Diagnostics tab.

2) Click on "Show Previous Reports"

You're taken to an "Ubuntu Error tracker" page, which is hosted on errors.ubuntu.com

3) Click on one of the reports (assuming you have any)

You'll be taken to a sign in page on login.ubuntu.com asking for your Ubuntu One ID.

In my case, after signing in I immediately get a page with this html source code:

<html>
<head>
<link rel="stylesheet" type="text/css" href="/css/error.css">
<link rel="stylesheet" type="text/css" href="https://fonts.googleapis.com/css?family=Ubuntu+Mono:700&subset=Latin">
</head>
<style>
</style>
<body>
    <div id="outer"><div id="inner">
    <blockquote><a href="http://www.homestarrunner.com/sbemail118.html">
        FLAGRANT SYSTEM ERROR<br>
        <br>
        Computer over.<br>
        Virus = Very Yes.
    </a></blockquote>
    </div></div>
    <div id="ident"></div>
</body>
</html>

If you need more information please let me know.

Tags: bot-comment
Revision history for this message
Ubuntu Foundations Team Bug Bot (crichton) wrote :

Thank you for taking the time to report this bug and helping to make Ubuntu better. It seems that your bug report is not filed about a specific source package though, rather it is just filed against Ubuntu in general. It is important that bug reports be filed about source packages so that people interested in the package can find the bugs about it. You can find some hints about determining what package your bug might be about at https://wiki.ubuntu.com/Bugs/FindRightPackage. You might also ask for help in the #ubuntu-bugs irc channel on Freenode.

To change the source package that this bug is filed about visit https://bugs.launchpad.net/ubuntu/+bug/1841273/+editstatus and add the package name in the text box next to the word Package.

[This is an automated message. I apologize if it reached you inappropriately; please just reply to this message indicating so.]

tags: added: bot-comment
Adolfo Jayme Barrientos (fitojb)
affects: ubuntu → errors
Revision history for this message
Sam (i41bktobiu5q-launchpadnet) wrote :

It would be great if someone from the Ubuntu team with access to this server could determine if this issue is limited to only certain machines/error reports or if it's more widespread. Thanks!

Revision history for this message
Brian Murray (brian-murray) wrote :

This is the 500 error for the Error Tracker which a previous developer thought was funny.

https://bazaar.launchpad.net/~daisy-pluckers/errors/trunk/view/head:/errors/templates/500.html

The site is not compromised.

Revision history for this message
Sam (i41bktobiu5q-launchpadnet) wrote :

Thanks Brian. We get that error for every report we click on.

Daniel van Vugt (vanvugt)
Changed in errors:
status: New → Invalid
Revision history for this message
Nathan Teodosio (nteodosio) wrote :

+1 to re-open this to at least convey it's a 500.

Daniel van Vugt (vanvugt)
Changed in errors:
status: Invalid → New
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.