• Our team is looking to connect with folks who use email services provided by Plesk, or a premium service. If you'd like to be part of the discovery process and share your experiences, we invite you to complete this short screening survey. If your responses match the persona we are looking for, you'll receive a link to schedule a call at your convenience. We look forward to hearing from you!
  • We are looking for U.S.-based freelancer or agency working with SEO or WordPress for a quick 30-min interviews to gather feedback on XOVI, a successful German SEO tool we’re looking to launch in the U.S.
    If you qualify and participate, you’ll receive a $30 Amazon gift card as a thank-you. Please apply here. Thanks for helping shape a better SEO product for agencies!
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.

Issue Can kernel be updated in Centos without breaking Plesk.

P

Paul Larson

Basic Pleskian
A Centos/Plesk server of ours failed a PCI compliance test. The vulnerability cites a Linux 4.4 kernel, yet I'm running 3.1.

Server Details:
  • CentOS Linux release 7.8.2003 (Core)
  • 18.0.29.3 Plesk Obsidian 18.0
  • CentOS Linux release 7.8.2003 (Core)

Derived from Red Hat Enterprise Linux 7.8 (Source)


NAME="CentOS Linux"

Question: Could I update the kernel to a 4.4+ version w/o breaking Plesk?

I see no way to remediate the CVE without updating the kernel.

I found this HowTo for updating the Kernel within CentOs, but not sure if this could harm Plesk.

phoenixnap.com

How to Upgrade the Linux Kernel on CentOS and Rocky Linux

Upgrade the Linux Kernel in CentOS and Rocky Linux to improve your system's security, functionality, and performance.
phoenixnap.com

PCI Failure details
CVE Title:
CPE Based Vulnerabilities for Linux 4.4
Impact:
One or more vulnerabilities have been found that affect this service. Please see the relevant CVEs for more details.

Resolution:
Apply the latest vendor patches to your operating system: Linux 4.4

Summary

7.1

CVE Score
CVE-2018-10938 7.1
CVE-2016-2143 6.9
CVE-2016-2854 4.6
CVE-2017-7273 4.6
CVE-2016-2853 4.4
Click to expand...
 

Attachments

  • Screen Shot 2020-09-10 at 9.19.29 AM.png
    Screen Shot 2020-09-10 at 9.19.29 AM.png
    124.4 KB · Views: 4
If you are updating the kernel from the official OS vendor repository, then it is safe for Plesk.
 
You must log in or register to reply here.

Similar threads

P
Question PCI Compliance, remediate Linux 4.4 CVE-2018, etc
Replies
2
Views
1K
Paul Larson
P
N
Issue Plesk Obsidian 18.0.29 update makes my Wordpress sites malfunction - [UPDATE] issue is related with restrict symbolic links setting enabled PPPM-5348
Replies
14
Views
5K
Necroman
N
learning_curve
Resolved Updating Plesk Onyx, But Without Waiting For Plesk Updates
Replies
5
Views
3K
learning_curve
learning_curve
J
Vulnerability in ProFTP 1.3.3d (PCI Compliance)
Replies
4
Views
3K
JohnToTheK
J
Back
Top