TRACE/TRACK XSS Vulnerability Plesk Patch Patching vhost.conf, vhost_ssl.conf files and skeleton tree. (http://www.kb.cert.org/vuls/id/867593 ) Copyright 2005 GARM Technologies (http://www.garmtech.lv) Concept and code by Max Korzhanov (firstname.lastname@example.org) Tested on:Virtuozzo VPS, Fedora Core 1, Plesk 7.5.2Virtuozzo VPS, Fedora Core 2, Plesk 7.5.2 Should be okay on RedHat, Fedora Core and CentOS systems and Plesk 7.x. I would appreciate for your comments about running on other systems and Plesk versions. Web/HTTP installation Download TRACKPATCH.sh file from http://www.garmtech.lv/web/TRACEPATCH.sh to your local hard drive. Login intro Plesk as administrator (admin). Choose Modules management menu. Click on Add Module button. Using "Browse..." button choose downloaded TRACKPATCH.sh file. Press "OK". Server is patched! Terminal/SSH installation Login intro your Plesk server as root.Code: # wget http://www.garmtech.lv/web/TRACEPATCH.sh # chmod +x TRACEPATCH.sh # ./TRACEPATCH.sh Press Enter. Server is patched! Uninstall (Only in Terminal/SSH) Login intro your Plesk server as root.Code: # wget http://www.garmtech.lv/web/TRACEPATCH.sh # chmod +x TRACEPATCH.sh # ./TRACEPATCH.sh -d Press Enter. Server is clean from patch as a baby's bottom! P.S. As I said before: I would appreciate for any your comments.