[axxs-sysadmin] Horde exploit - webmail unavailable, no ETA as yet
Dave Fregon
dave at netaxxs.com.au
Thu Mar 6 17:07:40 PST 2008
Hey .. word on the street ;)
http://forums.cpanel.net/showthread.php?t=76685
we don't use cPanel, but according to the post by devs it affects all
platforms.
"At present, we can confirm that this security vulnerability in question
affects Horde 3.1.6 and earlier. Based on incomplete information at this
time, we also believe this affects Horde Groupware 1.0.4 and earlier as
well (cPanel does not use Horde Groupware at this time). We recommend
anyone using Horde or Horde Groupware disable it until the patch has
been released. Since this vulnerability is contained in the stock Horde
distribution and not limited to it's use on cPanel servers, we recommend
disabling Horde on all platforms until patched."
I have already locked down axxs.org server horde install.
Webmail will be re-instituted asap, when patched.
--
Dave Fregon
NetAxxs Workers Collective
Ph: +613 5721 7777
Mob: 0434 000 234
25A Ely Street
Wangaratta 3677
Australia
More information about the axxs-sysadmin
mailing list