NOTE: The issue has been completely fixed in the Plesk 8.6 MU#2, 9.5 MU#11, 10.3 MU#5, and later version.Please refer to the /9294 to check the Micro-update version installed.
This vulnerability allows an anonymous attacker to compromise a Plesk server.
1\. Create temorary directory:
# mkdir plesk_remote_vulnerability_fix_deployer
2\. Go to created directory:
# cd plesk_remote_vulnerability_fix_deployer
3\. Download attached archive plesk\_remote\_vulnerability\_fix\_deployer.tar.gz (md5sum: 91113205737ca1034967275543ade79b) and decompress it:
# wget http://kb.plesk.com/Attachments/18827/Attachments/plesk_remote_vulnerability_fix_deployer.tar.gz
# tar -xzf plesk_remote_vulnerability_fix_deployer.tar.gz
4\. Run following command from created temporary directory:
# /usr/local/psa/admin/bin/php plesk_remote_vulnerability_fix_deployer.php
There are two related articles for other platforms and versions of Plesk: