Facebook
Twitter
---------------------------------------------------------------
PRODUCT, VERSION, MICROUPDATE, OPERATING SYSTEM, ARCHITECTURE
Parallels Plesk Pannel 11.0.9, CentOS 6.5
PROBLEM DESCRIPTION
I did a scan at SoftLayer and they show this vulnerability at https (443/tcp) and http (80/tcp):
Synopsis :
The remote web server hosts an application framework written in PHP.
Description :
The remote web server is running Horde, an open source, PHP-based
application framework from The Horde Project. This installation was
detected on a web server configured with Parallels Plesk Panel, a web
hosting control panel. Plesk pre-configures the Horde install with a
virtual host such as 'horde.webmail.' or 'webmail.', depending on the
host operating system Plesk is installed on. This virtual host
configuration can cause the Horde install to not be scanned by Nessus
unless the specific named host is scanned (for example,
'horde.webmail.example.com'). By not scanning the 'horde.webmail' or
'webmail.' named host, vulnerabilities within the installed version of
Horde may go undetected.
Solution :
Conduct a review of the Plesk administrative panel to ensure all
applications are updated to the most up-to-date versions.
Risk factor :
High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C
/I/A)
Plugin output :
Nessus was able to verify that Horde is installed with the following
request :
GET /imp/login.php HTTP/1.1
Host: horde.webmail.MYSERVERIP-static.reverse.softlayer.com
Accept-Charset: iso-8859-1,utf-8;q=0.9,*;q=0.1
Accept-Language: en
Connection: Close
Referer: http://MYSERVERIP-static.reverse.softlayer.com/login.php
Cookie: auth_key=kehtglg3n2qhom9mrkqq2pgkg3; Horde3=kehtglg3n2qhom9mrkqq2pgkg3
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0)
Pragma: no-cache
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, image/png, */*
Nessus ID : 66175
STEPS TO REPRODUCE
I follow the solution they suggest, without success:
Install the patch http://kb.parallels.com/Attachments/19039/Attachments/patch Horde 3.1.7.zip at /usr/share/psa-horde/lib/Horde/
ACTUAL RESULT
I still get the vulnerability warning according to SoftLayer scan
EXPECTED RESULT
No vulnerabilities
ANY ADDITIONAL INFORMATION
--------------------------------------------------------------
PRODUCT, VERSION, MICROUPDATE, OPERATING SYSTEM, ARCHITECTURE
Parallels Plesk Pannel 11.0.9, CentOS 6.5
PROBLEM DESCRIPTION
I did a scan at SoftLayer and they show this vulnerability at https (443/tcp) and http (80/tcp):
Synopsis :
The remote web server hosts an application framework written in PHP.
Description :
The remote web server is running Horde, an open source, PHP-based
application framework from The Horde Project. This installation was
detected on a web server configured with Parallels Plesk Panel, a web
hosting control panel. Plesk pre-configures the Horde install with a
virtual host such as 'horde.webmail.' or 'webmail.', depending on the
host operating system Plesk is installed on. This virtual host
configuration can cause the Horde install to not be scanned by Nessus
unless the specific named host is scanned (for example,
'horde.webmail.example.com'). By not scanning the 'horde.webmail' or
'webmail.' named host, vulnerabilities within the installed version of
Horde may go undetected.
Solution :
Conduct a review of the Plesk administrative panel to ensure all
applications are updated to the most up-to-date versions.
Risk factor :
High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C
/I/A)Plugin output :
Nessus was able to verify that Horde is installed with the following
request :
GET /imp/login.php HTTP/1.1
Host: horde.webmail.MYSERVERIP-static.reverse.softlayer.com
Accept-Charset: iso-8859-1,utf-8;q=0.9,*;q=0.1
Accept-Language: en
Connection: Close
Referer: http://MYSERVERIP-static.reverse.softlayer.com/login.php
Cookie: auth_key=kehtglg3n2qhom9mrkqq2pgkg3; Horde3=kehtglg3n2qhom9mrkqq2pgkg3
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0)
Pragma: no-cache
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, image/png, */*
Nessus ID : 66175
STEPS TO REPRODUCE
I follow the solution they suggest, without success:
Install the patch http://kb.parallels.com/Attachments/19039/Attachments/patch Horde 3.1.7.zip at /usr/share/psa-horde/lib/Horde/
ACTUAL RESULT
I still get the vulnerability warning according to SoftLayer scan
EXPECTED RESULT
No vulnerabilities
ANY ADDITIONAL INFORMATION
--------------------------------------------------------------
