W
wilke
Guest
So I received this notice yesterday about the SQL Injection vulnerability in Plesk 8.2.0 for Linux.
http://packetstorm.offensive-security.com/0709-exploits/hackersafe-plesk.txt
In this document contained a link to sw-soft's webpage which included a "Fix" for the issue. I downloaded and replaced my auth.php3 and now I cannot access plesk at all.
When I goto the login page I now get this error, "This file is part of Plesk distribution. It cannot be run outside of Plesk environment."
I looked at the announcements forum to find out swsoft was pushing a completely different patch for this on a different file. I have updated this file now too however I get the same error. Any assistance would be greatly appreciated.
Does anyone have a copy of auth.php3 for Linux? looks like the initial advisory that I downloaded was for windows boxes only ;(
http://packetstorm.offensive-security.com/0709-exploits/hackersafe-plesk.txt
In this document contained a link to sw-soft's webpage which included a "Fix" for the issue. I downloaded and replaced my auth.php3 and now I cannot access plesk at all.
When I goto the login page I now get this error, "This file is part of Plesk distribution. It cannot be run outside of Plesk environment."
I looked at the announcements forum to find out swsoft was pushing a completely different patch for this on a different file. I have updated this file now too however I get the same error. Any assistance would be greatly appreciated.
Does anyone have a copy of auth.php3 for Linux? looks like the initial advisory that I downloaded was for windows boxes only ;(