Information Security all in one place!

Horde Groupware has been Infiltrated!

Unknown perpetrators infiltrated a backdoor into several installation packages during an attack on groupware provider Horde‘s FTP server. Horde 3.3.12, Groupware 1.2.10 and the webmail edition of the groupware product are all affected. Horde 4 was not modified. The CVS and Git servers are also unaffected.

Users who have installed a hacked version onto a server have thrown their systems wide open to the hackers – the backdoor enables them to execute arbitrary PHPcode. By exploiting additional vulnerabilities, attackers could use this to gain complete control of the server.

Screenshot of Horde's portal view

Image via Wikipedia

According to Horde, the intrusion occurred in early November last year, but was discovered just a few days ago. The developers have now removed the backdoor from the installation packages available from the FTP server.

Users who installed one of the affected products between November 2011 and 7 February this year should download a new copy of the file or upgrade to the recently released Horde 3.3.13 or Groupware 1.2.11. The new versions also fix other critical vulnerabilities. Some Linux distributions could also contain vulnerable packages, although the developers do not say which distributions may be affected. 

 

Advertisements

Let's hear what you have to say.

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s