The H is reporting
that a backdoor was inserted into installation packages of the Horde groupware. The affected versions are "Horde 3.3.12, Groupware 1.2.10 and the webmail edition of the groupware product
". An intrusion into the FTP server back in November led to the problem. "Users who have installed a hacked version onto a server have thrown their systems wide open to the hackers – the backdoor enables them to execute arbitrary PHP code. By exploiting additional vulnerabilities, attackers could use this to gain complete control of the server.
to post comments)