[horde] [SECURITY] Remote execution backdoor after server hack (CVE-2012-0209)
Chris Flav
chris.flav at yahoo.ca
Tue Feb 14 02:08:01 UTC 2012
s CVE-2012-0209: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0209
>
>We have been able to limit the manipulation to three files downloaded during a certain timeframe. The affected releases are:
>- Horde 3.3.12 downloaded between November 15 and February 7
>- Horde Groupware 1.2.10 downloaded between November 9 and February 7
>- Horde Groupware Webmail Edition 1.2.10 downloaded between November 2 and February 7
>
>No other releases have been affected.
Is it possible to confirm that the patch updates were or were not modified?
C. Flav
More information about the horde
mailing list