CVE-2010-1638 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1638): The IMP plugin in Horde allows remote attackers to bypass firewall restrictions and use Horde as a proxy to scan internal networks via a crafted request to an unspecified test script. NOTE: this is only a vulnerability when the administrator does not follow recommendations in the product's installation documentation.
Horde ebuilds now show an ewarn to consult the SECURITY guide before providing Horde in a production environment. That's all we can do. Closing noglsa.