1. Please take a little time for this simple survey! Thank you for participating!
    Dismiss Notice

TRACE/TRACK XSS Vulnerability Plesk Patch

Discussion in 'Plesk for Linux - 8.x and Older' started by GARMTECH, Apr 21, 2005.

  1. GARMTECH

    GARMTECH Guest

    0
     
    TRACE/TRACK XSS Vulnerability Plesk Patch
    Patching vhost.conf, vhost_ssl.conf files and skeleton tree.
    (http://www.kb.cert.org/vuls/id/867593 )

    Copyright 2005 GARM Technologies (http://www.garmtech.lv)
    Concept and code by Max Korzhanov (mk@garmtech.lv)

    Tested on:
    • Virtuozzo VPS, Fedora Core 1, Plesk 7.5.2
    • Virtuozzo VPS, Fedora Core 2, Plesk 7.5.2
    Should be okay on RedHat, Fedora Core and CentOS systems and Plesk 7.x.
    I would appreciate for your comments about running on other systems and Plesk versions.

    Web/HTTP installation
    Download TRACKPATCH.sh file from http://www.garmtech.lv/web/TRACEPATCH.sh to your local hard drive.
    Login intro Plesk as administrator (admin).
    Choose Modules management menu.
    Click on Add Module button.
    Using "Browse..." button choose downloaded TRACKPATCH.sh file.
    Press "OK".
    Server is patched!

    Terminal/SSH installation
    Login intro your Plesk server as root.
    Code:
     # wget http://www.garmtech.lv/web/TRACEPATCH.sh
     # chmod +x TRACEPATCH.sh
     # ./TRACEPATCH.sh
    Press Enter.
    Server is patched!

    Uninstall (Only in Terminal/SSH)
    Login intro your Plesk server as root.
    Code:
     # wget http://www.garmtech.lv/web/TRACEPATCH.sh
     # chmod +x TRACEPATCH.sh
     # ./TRACEPATCH.sh -d
    Press Enter.
    Server is clean from patch as a baby's bottom!

    P.S. As I said before: I would appreciate for any your comments.
     
Loading...