• Dear Pleskians! The Plesk Forum will be undergoing scheduled maintenance on Monday, 7th of July, at 9:00 AM UTC. The expected maintenance window is 2 hours.
    Thank you in advance for your patience and understanding on the matter.

New vulnerability? (plesk 9.5.4)

Me too

Same thing to me . I had to change my plesk server toward 10.4.
I don't still find the way they hack the panel plesk account.
Take care, i just delete all infected files (.pl .cgi, disable perl and cgi, it has bee hacked one more time after a week...
 
Yes me too

Hello ;

I got the same thing , things i dont understand :

- Why PLESK create a file with (0 bytes ) with system user ( for suspended domains ) in /var/spool/cron ????

- Users have no privilege to create cron jobs, how can hackers create files with users names in /var/spool/cron ?

Thanks
 
You must log in or register to reply here.

Similar threads

T
Issue After moving subscription, users receive message "Your subscription was removed", Cannot create new webspace.
Replies
2
Views
2K
thespark
T
L
Migrate to Plesk on AWS from Plesk, cPanel or DirectAdmin
Replies
0
Views
5K
Lukas Hertig
L
V
Google PageSpeed Insights – How to optimize your site to rank higher
Replies
1
Views
5K
Andrew Roy
Andrew Roy
custer
Removing deadweight in Plesk Onyx
Replies
0
Views
11K
custer
custer
S
Critical Plesk vulnerability
Replies
6
Views
5K
IgorG
IgorG
Back
Top