[horde] Phising despite latest CVS?

[Jan Johansson]

>The attacker has probably already installed a backdoor before you  
>upgraded and is installing the file through that.

So, apart from "everything", what should I be looking for? :)

It has to be a file owned by the same user as my web-server, right?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3030 bytes
Desc: not available
Url : http://lists.horde.org/archives/horde/attachments/20060503/d805e548/smime.bin