[Tickets #8519] Re: horde 3.1.7-1.el5.centos remote exploited in the wild

bugs at horde.org bugs at horde.org
Fri Aug 21 14:43:45 UTC 2009


DO NOT REPLY TO THIS MESSAGE. THIS EMAIL ADDRESS IS NOT MONITORED.

Ticket URL: http://bugs.horde.org/ticket/8519
------------------------------------------------------------------------------
  Ticket             | 8519
  Updated By         | cjk at touchtable.se
  Summary            | horde 3.1.7-1.el5.centos remote exploited in the wild
  Queue              | Horde Base
  Version            | 3.1.7
  Type               | Bug
  State              | Not A Bug
  Priority           | 3. High
  Milestone          |
  Patch              |
  Owners             |
------------------------------------------------------------------------------


cjk at touchtable.se (2009-08-21 10:43) wrote:

That is the version installed per default on Centos-5.3, and RHEL-5.3  
in the extras repository.

Is it a know bug that has been fixed? Or is it just a unsecure default  
install.

The only thing we did was install the rpm via yum. And then left it  
for a week or so.
Is the default install insecure with the default password for admin  
being "admin" or
something?







More information about the bugs mailing list