- Nov 5, 2011
- 5,855
Horde.org backdoored sad topic for you ..
Horde Groupware contains backdoor (The H) : on Lwn.net: http://lwn.net/Articles/481427/rss
Quote:
'Posted Feb 14, 2012 17:39 UTC (Tue) by jake:
The H is reporting that a backdoor was inserted into installation packages of the Horde groupware. The affected versions are "Horde 3.3.12, Groupware 1.2.10 and the webmail edition of the groupware product". An intrusion into the FTP server back in November led to the problem. "Users who have installed a hacked version onto a server have thrown their systems wide open to the hackers – the backdoor enables them to execute arbitrary PHP code. By exploiting additional vulnerabilities, attackers could use this to gain complete control of the server."
02/13/12[SECURITY] Remote execution backdoor after server hack: on dev.horde.org: http://dev.horde.org/h/jonah/stories/view.php?channel_id=1&id=155
Quote:
'A few days ago we became aware of a manipulated file on our FTP server. Upon further investigation we discovered that the server has been hacked earlier, and three releases have been manipulated to allow unauthenticated remote PHP execution.
We have immediately taken down all distribution servers to further analyze the extent of this incident, and we have worked closely with various Linux distributions to coordinate our response.
Since then the FTP and PEAR servers have been replaced and further secured. Clean versions of our releases have been uploaded.'
'We have been able to limit the manipulation to three files downloaded during a certain timeframe.'
'We recommend that all users of the affected version immediately re-install using fresh copies downloaded from our FTP server, or to upgrade to the more recent versions that have been released since then.'
'If you are running Horde 4, you don't need to do anything.
We apologize for the inconvenience and assure you that we are undertaking a full security review of our procedures to prevent this kind of incident from happening again.'
Sad news here.
Horde Groupware contains backdoor (The H) : on Lwn.net: http://lwn.net/Articles/481427/rss
Quote:
'Posted Feb 14, 2012 17:39 UTC (Tue) by jake:
The H is reporting that a backdoor was inserted into installation packages of the Horde groupware. The affected versions are "Horde 3.3.12, Groupware 1.2.10 and the webmail edition of the groupware product". An intrusion into the FTP server back in November led to the problem. "Users who have installed a hacked version onto a server have thrown their systems wide open to the hackers – the backdoor enables them to execute arbitrary PHP code. By exploiting additional vulnerabilities, attackers could use this to gain complete control of the server."
02/13/12[SECURITY] Remote execution backdoor after server hack: on dev.horde.org: http://dev.horde.org/h/jonah/stories/view.php?channel_id=1&id=155
Quote:
'A few days ago we became aware of a manipulated file on our FTP server. Upon further investigation we discovered that the server has been hacked earlier, and three releases have been manipulated to allow unauthenticated remote PHP execution.
We have immediately taken down all distribution servers to further analyze the extent of this incident, and we have worked closely with various Linux distributions to coordinate our response.
Since then the FTP and PEAR servers have been replaced and further secured. Clean versions of our releases have been uploaded.'
'We have been able to limit the manipulation to three files downloaded during a certain timeframe.'
'We recommend that all users of the affected version immediately re-install using fresh copies downloaded from our FTP server, or to upgrade to the more recent versions that have been released since then.'
'If you are running Horde 4, you don't need to do anything.
We apologize for the inconvenience and assure you that we are undertaking a full security review of our procedures to prevent this kind of incident from happening again.'
Sad news here.
![[correlate]](/data/avatars/s/79/79653.jpg?1556985072){kind=avatar}
