1 Topic by lght1

  • lght1
  • Member
  • Offline
  • Registered: 2019-01-25
  • Posts: 1

Topic: Are you affected by go-pear?

Hi,

It seems that pear php was compromised, and if someone downloaded go-pear.phar from their website it contained a reverse shell, I noticed the iRedMail has some pear folders/files, and I inspected the installer and didn't find calls to go-pear.phar.

Can you confirm that the install process did not use that file.

Thanks

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 31,091

Re: Are you affected by go-pear?

Short answer: not affected.

- iRedMail doesn't download this file directly from pear.php.net, so iRedMail itself is not directly affected.
- Roundcube doesn't ship this file, so Roundcube is not affected also.