[dev] [SECURITY] Horde was used to hack my system
Patrice Levesque
horde.wayne at ptaff.ca
Wed Apr 12 08:40:41 PDT 2006
> I think there is a problem in /horde/services/help/index.php. This script was
> used to dump some files in my temp dir and to start an irc server. The logs
> are below. I haven't looked at the code yet. I'm scanning my system first.
1) This was posted on horde-announce two weeks ago.
http://marc.theaimsgroup.com/?l=horde-announce&m=114355248404792&w=2
There is a notice on the HOME PAGE of horde since march 28th.
http://www.horde.org/
2) A mailing list is _never_ the place to discuss security issues. Whatever the
project. Don't feed the crackers.
http://www.horde.org/support.php
Don't want to be rude, but do your homework next time.
--
--====|====--
--------================|================--------
Patrice Levesque
http://ptaff.ca/
horde.wayne at ptaff.ca
--------================|================--------
--====|====--
--
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.horde.org/archives/dev/attachments/20060412/68440931/attachment.bin
More information about the dev
mailing list