TRACE/TRACK XSS Vulnerability Plesk Patch

[GARMTECH]

TRACE/TRACK XSS Vulnerability Plesk Patch
Patching vhost.conf, vhost_ssl.conf files and skeleton tree.
(http://www.kb.cert.org/vuls/id/867593 )

Copyright 2005 GARM Technologies (http://www.garmtech.lv)
Concept and code by Max Korzhanov ([email protected])

Tested on:

• Virtuozzo VPS, Fedora Core 1, Plesk 7.5.2
• Virtuozzo VPS, Fedora Core 2, Plesk 7.5.2

Should be okay on RedHat, Fedora Core and CentOS systems and Plesk 7.x.
I would appreciate for your comments about running on other systems and Plesk versions.

Web/HTTP installation
Download TRACKPATCH.sh file from http://www.garmtech.lv/web/TRACEPATCH.sh to your local hard drive.
Login intro Plesk as administrator (admin).
Choose Modules management menu.
Click on Add Module button.
Using "Browse..." button choose downloaded TRACKPATCH.sh file.
Press "OK".
Server is patched!

Terminal/SSH installation
Login intro your Plesk server as root.

 # wget http://www.garmtech.lv/web/TRACEPATCH.sh
 # chmod +x TRACEPATCH.sh
 # ./TRACEPATCH.sh

Press Enter.
Server is patched!

Uninstall (Only in Terminal/SSH)
Login intro your Plesk server as root.

 # wget http://www.garmtech.lv/web/TRACEPATCH.sh
 # chmod +x TRACEPATCH.sh
 # ./TRACEPATCH.sh -d

Press Enter.
Server is clean from patch as a baby's bottom!

P.S. As I said before: I would appreciate for any your comments.