Security breaches on www.skarnet.org

I publicly apologize to my users for every item in this list. Every security breach is a system administrator failure.

2003-06-03 T 16:02 TAI: one hour before the vulnerability announcement on the fnord mailing-list, an attacker exploits a security hole in fnord and gains reading access to some internal files. Fortunately, the attack was not automated, and it seems that the attacker was more curious than meaning harm. The same attempt is made seven hours later, but fails because fnord has been fixed.
Update: 2003-06-11: the attacker has been found, his ISP has been notified. He'll never do that again. Thanks to Felix von Leitner and Thomas Walpuski for their cooperation in tracking the guy.