{"id":3092,"date":"2012-02-19T19:42:28","date_gmt":"2012-02-20T01:42:28","guid":{"rendered":"http:\/\/bucktownbell.com\/?p=3092"},"modified":"2012-02-19T19:50:30","modified_gmt":"2012-02-20T01:50:30","slug":"malicious-backdoor-in-open-source-messaging-apps-not-spotted-for-3-months","status":"publish","type":"post","link":"http:\/\/bucktownbell.com\/?p=3092","title":{"rendered":"Malicious backdoor in open-source messaging apps not spotted for 3 months"},"content":{"rendered":"<blockquote><p>For almost three months, versions of three widely distributed open-source applications from <a href=\"http:\/\/www.horde.org\/apps\/groupware\">Horde.org<\/a> contained a backdoor that allowed attackers to remotely execute malicious PHP code on systems that ran the programs.<\/p><\/blockquote>\n<p>via <a href=\"http:\/\/arstechnica.com\/business\/news\/2012\/02\/malicious-backdoor-in-open-source-messaging-apps-not-spotted-for-4-months.ars\">Malicious backdoor in open-source messaging apps not spotted for 3 months<\/a>.<\/p>\n<p>This is interesting&#8230;<\/p>\n<blockquote><p>&#8220;The impact through Linux distribution should be not so important,&#8221; Wednesday&#8217;s <a href=\"http:\/\/eromang.zataz.com\/2012\/02\/15\/cve-2012-0209-horde-backdoor-analysis\/\">post<\/a> went on to say. &#8220;Only users who have download the source code from FTP are mainly affected.&#8221;<\/p>\n<p>Horde&#8217;s advisory said the releases were altered after unidentified hackers breached an FTP server used to distribute the installation packages.<\/p><\/blockquote>\n","protected":false},"excerpt":{"rendered":"<p>For almost three months, versions of three widely distributed open-source applications from Horde.org contained a backdoor that allowed attackers to remotely execute malicious PHP code on systems that ran the programs. via Malicious backdoor in open-source messaging apps not spotted &hellip; <a href=\"http:\/\/bucktownbell.com\/?p=3092\">Continue reading <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[284],"tags":[427,55],"class_list":["post-3092","post","type-post","status-publish","format-standard","hentry","category-servers","tag-exploit","tag-php"],"_links":{"self":[{"href":"http:\/\/bucktownbell.com\/index.php?rest_route=\/wp\/v2\/posts\/3092","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/bucktownbell.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/bucktownbell.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/bucktownbell.com\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"http:\/\/bucktownbell.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=3092"}],"version-history":[{"count":3,"href":"http:\/\/bucktownbell.com\/index.php?rest_route=\/wp\/v2\/posts\/3092\/revisions"}],"predecessor-version":[{"id":3098,"href":"http:\/\/bucktownbell.com\/index.php?rest_route=\/wp\/v2\/posts\/3092\/revisions\/3098"}],"wp:attachment":[{"href":"http:\/\/bucktownbell.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=3092"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/bucktownbell.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=3092"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/bucktownbell.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=3092"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}