High Security Flaw !!! Please read, all.

Status
Not open for further replies.

3ASistemi

Guest
Hi all,
Some weeks ago someone hacked our webserver...

We've done some research and tests and we've found a security flaw on the following pages:

login.php3
login_up.php
top.php3

This flaw can permit an attacker to read files that are stored on the hd.

Example:

https://URLOFTHEPLESKPANEL/login_up...cale_id=../../../../../../../../boot.ini.jpg

We've tested it with Plesk for Windows 8.1 and 8.1.1, but we didn't find any information on this exploit. Is there already a hotfix? How can we solve that?
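
One way to check existing access logs for the request pattern described in the post above, as an added example that is not part of the original thread and not Plesk's own code. The combined-log line layout, the function names and the sample lines (documentation IP ranges) are assumptions constructed for illustration; only the page names and the `locale_id` parameter come from the post.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote

# Pages and parameter named in the post above.
PAGES = {"login.php3", "login_up.php", "top.php3"}
PARAM = "locale_id"
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

def fully_decode(value, max_rounds=5):
    """Percent-decode repeatedly so double-encoded input (%252e) is unwrapped."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def is_traversal(value):
    """True if the value climbs directories or names an absolute path."""
    path = fully_decode(value).replace("\\", "/")  # Windows separators too
    if path.startswith("/") or re.match(r"[A-Za-z]:", path):
        return True
    return ".." in path.split("/")  # a whole segment, so "en..US" is not flagged

def suspicious_requests(log_lines):
    """Yield (client, request target) where locale_id looks like traversal."""
    for line in log_lines:
        m = REQUEST_RE.search(line)
        url = urlsplit(m.group(1)) if m else None
        if url is None or url.path.rsplit("/", 1)[-1] not in PAGES:
            continue
        # parse_qsl decodes once; is_traversal unwraps any further layers.
        params = parse_qsl(url.query, keep_blank_values=True)
        if any(k == PARAM and is_traversal(v) for k, v in params):
            yield line.split(" ", 1)[0], m.group(1)

# Constructed sample lines; the log layout is an assumption.
SAMPLE_LOG = [
    '203.0.113.5 - - [01/Jan/2007:10:00:00 +0000] "GET /login_up.php?locale_id=en-US HTTP/1.1" 200 512',
    '198.51.100.7 - - [01/Jan/2007:10:01:00 +0000] "GET /login_up.php?locale_id=../../../../boot.ini.jpg HTTP/1.1" 200 211',
    '198.51.100.9 - - [01/Jan/2007:10:02:00 +0000] "GET /top.php3?locale_id=%252e%252e%255c%252e%252e%255cfile.jpg HTTP/1.1" 200 90',
    '203.0.113.8 - - [01/Jan/2007:10:03:00 +0000] "GET /login.php3?locale_id=en..US HTTP/1.1" 200 512',
]

if __name__ == "__main__":
    for client, target in suspicious_requests(SAMPLE_LOG):
        print(client, target)
```

A hit with a 200 status and a response size that differs from the normal login page is worth correlating with the file the request named.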
 
Unbelievable that nobody gives any response on this. That's why I really think that the majority of all users here don't care about security.

Can confirm the above, this is really a big issue.

Can someone from Plesk also check on this and give us at least some response?

I believe Plesk stores the admin password in plain text in a file. With the above issue, is it possible to retrieve this file?
 
I can't duplicate on my CentOS installation (changing to a unix file and not the Win file), so this may be a Windows only flaw.

Did anyone open a support ticket?
 
see the picture, please

Please,
SWsoft programmers, see the attached picture,
and resolve this BIG security HOLE...

The problem persists in the 8.1 and 8.1.1 versions
of Windows Plesk.
P.S. The 8.1.1 is a fresh installation of Windows
Server 2003 Web Edition and Plesk...


... excuse me, why don't I see my attachment?
The picture is 87 KB???
 