Dotable - the home of "No worries" hosting!  
 
Home About Products F.A.Q Network Status Affiliates Support Contact Search Terms
 
Dotable currently hosts more than 20,000 domains for clients from all parts of the planet. Dotable is an owner operated hosting company, with Dotable's owner's Bob and Steve having 15 years of combined hosting experience between them, going back to 2001.

Dotable offers a wide but focused range of hosting products. So if you're looking to purchase a domain, or host 1 domain, or need to host multiple domains, or need a reseller account, or a VPS account or a dedicated server, at Dotable we've got you covered.

 Dotable mascot! Welcome to Dotable
Go Back   Dotable - Dot your Domains™ > Dotable Announcement Forum
Horde Webmail Disabled Horde Webmail Disabled
Closed Thread
Page 1 of 2 1 2 >
 
LinkBack Thread Tools Search this Thread Display Modes
Old 6th March 2008, 07:21 PM   #1 (permalink)
Dotable
 
Dotable Steve's Avatar
 
Join Date: Jun 2006
Location: Auckland
Posts: 1,392
Default Horde Webmail Disabled
Horde webmail has had to be disabled temporarily on all servers.

We will post more news about this later today.

Please use squirrelmail in the interim.
__________________
Dotable - The home of "No Worries" hosting.
VPS ? Centos, Windows or Debian - Your choice
PHP5 ? Yes we do! ClientExec? No Worries!
Do We Ride the Rails? Yes we do!
Move your sites to Dotable ? Yes we will!
Dotable Steve is offline  
Old 7th March 2008, 01:30 AM   #2 (permalink)
Samurai Pizza Cat
 
grafikat's Avatar
 
Join Date: Apr 2006
Posts: 28
Default
What is the direct url for squirrel? I don't have access to cpanel, due to firewall issues, and my client doesn't have the cpanel login handy, only his email log in
__________________
Hold it felonious feline! There are laws against pilfered pizzas!
grafikat is offline  
Old 7th March 2008, 01:52 AM   #3 (permalink)
E=mc²
 
Gerrit's Avatar
 
Join Date: May 2006
Location: Puerto Rico
Posts: 429
Default
http://yourdomain.com:2095/3rdparty/squirrelmail/src/webmail.php
__________________
Gerrit
SiriuS Website Design
Gerrit is offline  
Old 7th March 2008, 09:08 AM   #4 (permalink)
New Dotable member
 
Join Date: Dec 2006
Posts: 4
Default
"Horde webmail has had to be disabled temporarily on all servers."

How long does 'temporarily' mean?

How will this effect data stored in Hored, for example contact information, folders to store data etc?

Cheers,

Matt.
Matt is offline  
Old 7th March 2008, 11:19 AM   #5 (permalink)
Dotable Founder
 
Aussie Bob's Avatar
 
Join Date: Mar 2005
Location: Land down under
Posts: 3,678
Default
Temporarily, until cpanel release the patch. This is a very severe root breach, hence why we disabled Horde immediently. All data in Horde will remain there until it's reactivated.
Aussie Bob is offline  
Old 7th March 2008, 12:05 PM   #6 (permalink)
New Dotable member
 
Join Date: Dec 2006
Posts: 4
Default
Thanks AussieBob.
Matt is offline  
Old 7th March 2008, 12:12 PM   #7 (permalink)
Current Location: Mars :)
 
Join Date: Jun 2006
Posts: 259
Default
The patch has been available for some time now Bob.
Please get Steve to install it.
__________________
Cheers,
James
Reesy is offline  
Old 7th March 2008, 12:18 PM   #8 (permalink)
Dotable Founder
 
Aussie Bob's Avatar
 
Join Date: Mar 2005
Location: Land down under
Posts: 3,678
Default
Quote:
Originally Posted by Reesy View Post
The patch has been available for some time now Bob.
Ahhh, no it hasn't. We were the first host to actually make public this issue, as we were in phone contact with (anonymous) last night, so this is a very new issue. We shared this information that we received last night (around 16hrs ago from now) to several other hosts and they've disabled Horde too. This is a root breach, so the severity is extreme.
Aussie Bob is offline  
Old 7th March 2008, 12:50 PM   #9 (permalink)
Current Location: Mars :)
 
Join Date: Jun 2006
Posts: 259
Default
Hello Bob
This isnt my understanding...
SECURITY ALERT: Horde arbitrary file inclusion vulnerability. « cPanel Blog
Says its available yesterday?

I guess Steve was phone to Hostgator, who also disabled Horde before Dotable. However the difference is Hostgator gave details, Dotable just pulled the plug with no details and not even a "sorry for any inconvenience caused".
__________________
Cheers,
James
Reesy is offline  
Old 7th March 2008, 12:55 PM   #10 (permalink)
Dotable Founder
 
Aussie Bob's Avatar
 
Join Date: Mar 2005
Location: Land down under
Posts: 3,678
Default
No we weren't on the phone with HG as I believe they were first made aware of the exploit, but had not made the issue public yet. The fix wasn't available at the time we disabled Horde, some 16 hours ago. Check the time stamp of Steve's announcement and you'll see it was made before cpanel's security blog post.

Steve made this issue public over 16 hours ago (from the time of this post), before the security alert was posted on the cpanel blog, and I contacted several large hosts to let them know about the Horde exploit.
Aussie Bob is offline  
Closed Thread
Page 1 of 2 1 2 >

« Previous Thread | Next Thread »

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On



Go Back   Dotable - Dot your Domains™ > Dotable Announcement Forum
Horde Webmail Disabled Horde Webmail Disabled


All times are GMT +10. The time now is 10:57 AM.

Archive - Top

Home About Products F.A.Q Network Status Reasons Support Contact Search Terms

Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
LinkBacks Enabled by vBSEO 3.1.0