1. Please take a little time for this simple survey! Thank you for participating!
    Dismiss Notice
  2. Dear Pleskians, please read this carefully! New attachments and other rules Thank you!
    Dismiss Notice
  3. Dear Pleskians, I really hope that you will share your opinion in this Special topic for chatter about Plesk in the Clouds. Thank you!
    Dismiss Notice

Critical Security Patch - Plesk 10.3.1

Discussion in 'Plesk 10.x for Windows Issues, Fixes, How-To' started by ScottT, Feb 10, 2012.

  1. ScottT

    ScottT Guest

    0
     
    Hello,

    The critical security patch notification released 2/9/2012 suggests updating to Plesk 10.3.1 MicroUpdate #6 or later to resolve the vulnerability. My version of Plesk does not list MicroUpdate number. Instead Plesk gives this version: psa v10.3.1_build20110630.16. Is my version of Plesk vulnerable? Where do I find MicroUpdate number in Plesk 10.3.1? Thank you.
     
    Last edited by a moderator: Feb 10, 2012
  2. rick.pri

    rick.pri Guest

    0
     
    Hmmm, I'd like to know the answer to this too. I'd also like to know, if this is only a risk to Plesk Panel if access to the the control panel is publicly available.
     
  3. IgorG

    IgorG Forums Analyst Staff Member

    49
    24%
    Joined:
    Oct 27, 2009
    Messages:
    24,572
    Likes Received:
    1,243
    Location:
    Novosibirsk, Russia
  4. ScottT

    ScottT Guest

    0
     
    These instruction are for linux/unix. How do I find microupdate# in Windows?
     
  5. IgorG

    IgorG Forums Analyst Staff Member

    49
    24%
    Joined:
    Oct 27, 2009
    Messages:
    24,572
    Likes Received:
    1,243
    Location:
    Novosibirsk, Russia
    Look at C:\PleskInstaller\microupdates.xml
     
  6. ScottT

    ScottT Guest

    0
     
    My server does not have a PleskInstaller directory. I located microupdates.xml in another directory. Here are the contents:

    <?xml version="1.0" encoding="UTF-8" standalone="yes" ?>
    <patches>
    <product id="panel" version="10.3.1">
    <patch version="10" timestamp="" />
    </product>
    </patches>


    So, it appears I have MU #10 and my server is not vulnerable. Thanks for your help.
     
    Last edited by a moderator: Feb 14, 2012
  7. IgorG

    IgorG Forums Analyst Staff Member

    49
    24%
    Joined:
    Oct 27, 2009
    Messages:
    24,572
    Likes Received:
    1,243
    Location:
    Novosibirsk, Russia
Loading...