Horde v3.1.6 and earlier is NOT secure
Posted: 07 Mar, 2008
by: Customer Service :: S.
Updated: 10 Mar, 2008
by: Customer Service :: S.

Horde arbitrary file inclusion vulnerability
March 7th, 2008

An arbitrary file inclusion vulnerability has been discovered in the Horde webmail application. This security vulnerability affects Horde v3.1.6 and earlier. In addition, the cPanel engineers believe that this security threat affects Horde Groupware v1.0.4 and earlier as well (cPanel does not use Horde Groupware at this time).

cPanel customers should update their cPanel/WHM servers immediately to prevent any chance of server compromise. The patch will be available in builds 11.18.2 and greater (or 11.19.2 and greater for EDGE systems). The updated builds will be available immediately on all fast update servers.

To check which version of cPanel/WHM you currently have on your server, log into your WHM and look in the top right corner, or run the following command from the command line as root:

/usr/local/cpanel/cpanel -V

HowTo Update your cPanel/WHM

Log in to WHM and find 'Upgrade to Latest Version' in the left pane/frame, or execute the following from the command line as root:

/scripts/upcp --force

We suggest that all use of Horde v3.1.6 and earlier be stopped (on cPanel and non-cPanel systems alike) until the Horde updates can be applied. To disable Horde on a cPanel powered server, log in to WHM, go to 'Server Configuration' >> 'Tweak Settings' >> 'Mail', un-check the checkbox next to 'Horde Webmail', scroll down the page and press the "Save" button.

LATEST NEWS
March 10th, 2008

*** If you're HOSTING your server with ServerTune, we can apply these updates FREE of charge. Just submit a ticket via http://ServerTune.com/help/ ***

The Horde webmail application framework has been updated to v3.1.7, which is the official fix for the previously announced arbitrary file inclusion vulnerability. cPanel has also hardened its PHP application security model for Horde, phpMyAdmin and phpPgAdmin. These changes are intended to limit the impact of as-yet-undiscovered vulnerabilities in these third-party applications when they run within a cPanel installation.

We suggest you update your cPanel powered server to either v11.18.3 or v11.19.3. If you do not wish to update cPanel, it is strongly recommended that you keep Horde disabled until these updates have been applied.

- HowTo disable Horde in cPanel/WHM
Log in to WHM >> Server Configuration >> Tweak Settings >> Mail, un-check the checkbox next to Horde Webmail, scroll down the page and press the "Save" button.

- Which version of cPanel am I running?
* Log in to WHM and look in the upper right corner, or
* SSH to the server and run the following command:
/usr/local/cpanel/cpanel -V

- HowTo update cPanel/WHM to the latest version:
* Log in to WHM, then select cPanel >> Upgrade to Latest Version >> Click to Upgrade, or
* SSH to the server and run the following command:
/scripts/upcp --force
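As an added example (not ServerTune's or cPanel's own code), the following POSIX shell function turns the version thresholds quoted in this article (11.18.2 and greater for release builds, 11.19.2 and greater for EDGE) into a check you can run against the output of /usr/local/cpanel/cpanel -V before deciding whether Horde may be re-enabled. It assumes that minor version 18 is the release branch, 19 is EDGE, and that any later branch (11.20 and up) already carries the fix; the function name and the exact output format of cpanel -V are assumptions, so the version string is passed in as an argument.

```sh
#!/bin/sh
# Added example: decide whether a cPanel/WHM version already includes the
# Horde arbitrary file inclusion fix announced in this article.
# Thresholds from the advisory: 11.18.2+ (release) and 11.19.2+ (EDGE).
# Assumption (ours, not cPanel's): branches newer than 11.19 carry the fix.

# horde_fix_present VERSION_STRING
#   exit 0 -> patched build, Horde may be re-enabled
#   exit 1 -> vulnerable build, keep Horde disabled and run /scripts/upcp --force
#   exit 2 -> version string not understood
horde_fix_present() {
    # Keep only the first major.minor.patch triple found in the string.
    ver=$(printf '%s' "$1" | sed -n 's/^[^0-9]*\([0-9][0-9]*\.[0-9][0-9]*\.[0-9][0-9]*\).*/\1/p')
    [ -n "$ver" ] || { echo "unrecognised version string: $1" >&2; return 2; }

    major=${ver%%.*}
    rest=${ver#*.}
    minor=${rest%%.*}
    patch=${rest#*.}

    # Anything outside the 11.x series is decided on the major number alone.
    if [ "$major" -gt 11 ]; then return 0; fi
    if [ "$major" -lt 11 ]; then return 1; fi

    case "$minor" in
        18) [ "$patch" -ge 2 ] ;;   # release branch: 11.18.2 and greater
        19) [ "$patch" -ge 2 ] ;;   # EDGE branch: 11.19.2 and greater
        *)  [ "$minor" -gt 19 ] ;;  # older branches lack the fix, newer ones have it
    esac
}

# Typical use on the server itself, as root:
#   if horde_fix_present "$(/usr/local/cpanel/cpanel -V)"; then
#       echo "patched build: Horde may be re-enabled"
#   else
#       echo "keep Horde disabled, then run /scripts/upcp --force"
#   fi
```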

For more information about the Horde vulnerability, see:
http://lists.horde.org/archives/announce/2008/000382.html
