[FIX] Older Plesk Versions - Security Update Custom Fixes for Linux, February 2012

Refers to:

  • Plesk 10.3 for Linux
  • Plesk 9.x and below for Linux
  • Plesk 10.0.0 for Linux
  • Plesk 10.1 for Linux
  • Plesk 10.2 for Linux

Created:

2016-11-16 12:56:26 UTC

Modified:

2016-12-21 19:35:15 UTC

0

Was this article helpful?


Have more questions?

Submit a request

[FIX] Older Plesk Versions - Security Update Custom Fixes for Linux, February 2012

Introduction

NOTE: The issue has been completely fixed in the Plesk 8.6 MU#2, 9.5 MU#11, 10.3 MU#5, and later version.Please refer to the /9294 to check the Micro-update version installed.

This vulnerability allows an anonymous attacker to compromise a Plesk server.

Resolution

1\. Create temorary directory:

# mkdir plesk_remote_vulnerability_fix_deployer

2\. Go to created directory:

# cd plesk_remote_vulnerability_fix_deployer

3\. Download attached archive plesk\_remote\_vulnerability\_fix\_deployer.tar.gz (md5sum: 91113205737ca1034967275543ade79b) and decompress it:

# wget http://kb.plesk.com/Attachments/18827/Attachments/plesk_remote_vulnerability_fix_deployer.tar.gz
# tar -xzf plesk_remote_vulnerability_fix_deployer.tar.gz

4\. Run following command from created temporary directory:

# /usr/local/psa/admin/bin/php plesk_remote_vulnerability_fix_deployer.php

Additional information

There are two related articles for other platforms and versions of Plesk:

[FIX] Remote vulnerability in Plesk

[FIX] SQL Injection vulnerability in Plesk session on Linux

Have more questions? Submit a request
Please sign in to leave a comment.