Quantcast
Channel: Go Daddy BlogGoDaddy Product Blog | GoDaddy Support
Viewing all articles
Browse latest Browse all 62

Parallels Security Issue – Privilege Escalation Vulnerability

0
0

Parallels recently sent out this Security Advisory.

Parallels Plesk Panel 9.x, 10.x, 11.x – Privilege Escalation Vulnerability

Parallels Customer,
Please read this message in its entirety and take the recommended actions.

Situation

Parallels Plesk Panel privilege escalation vulnerabilities have been discovered and are described in VU#310500 and CVE-2013-0132, CVE-2013-0133 (CVSS score 4.4 – http://www.kb.cert.org/vuls/id/310500).

Impact

This impacts Parallels Plesk Panel for Linux versions 9.x, 10.x, 11.x.

You are at risk if you have Apache web server running mod_php, mod_perl, mod_python, etc.

You are NOT at risk if you have Apache web server running Fast CGI (PHP, perl, python, etc.) or CGI (PHP, perl, python, etc.).

Solution

Parallels has issued security updates for Parallels Plesk Panel versions 9.x-11.x. The security updates for Parallels Plesk Panel 11.x and Parallels Plesk Panel 10.4.4 will automatically appear inside your Parallels Plesk Panel control panel – please apply them as soon as possible.

The security hotfix for Parallels Plesk 9.x is available for download here: http://kb.parallels.com/115942.

Workaround

Parallels understands that it’s not always practical for immediate upgrades, so we have provided a solution to fix this vulnerability. For the immediate solution, customers should read this knowledge base article for instructions: http://kb.parallels.com/115942.

Parallels takes the security of our customers very seriously and encourages you to take the recommended actions as soon as possible.

Customers are also strongly encouraged to subscribe to our support e-mails by clicking here, subscribe to our RSS feed here and add our Knowledge Base browser plug-in here.


Viewing all articles
Browse latest Browse all 62

Latest Images

Trending Articles





Latest Images