{"id":218,"date":"2013-04-15T11:00:58","date_gmt":"2013-04-15T09:00:58","guid":{"rendered":"http:\/\/blog.united-hoster.de\/?p=218"},"modified":"2016-07-28T14:45:58","modified_gmt":"2016-07-28T12:45:58","slug":"achtung-parallels-informiert-uber-sicherheitslucke-in-plesk","status":"publish","type":"post","link":"https:\/\/www.united-hoster.de\/blog\/achtung-parallels-informiert-uber-sicherheitslucke-in-plesk\/","title":{"rendered":"Achtung! Parallels informiert \u00fcber Sicherheitsl\u00fccke in PLESK"},"content":{"rendered":"<p>Sehr geehrte User mit VPS + PLESK Installationen.<\/p>\n<p>Bitte beachten Sie folgenden Eintrag und handeln Sie entsprechend:<\/p>\n<p>SECURITY ADVISORY: Parallels Plesk Panel 9.x, 10.x, 11.x &#8211;<br \/>\nPrivilege Escalation Vulnerability<\/p>\n<p>Parallels Customer,<\/p>\n<p>Please read this message in its entirety and take the recommended<br \/>\nactions.<\/p>\n<p>SITUATION<\/p>\n<p>Parallels Plesk Panel privilege escalation vulnerabilities have<br \/>\nbeen discovered and are described in VU#310500 and CVE-2013-0132,<br \/>\nCVE-2013-0133<br \/>\n(CVSS score 4.4 &#8211;\u00a0<a href=\"http:\/\/www.kb.cert.org\/vuls\/id\/310500).\" target=\"_blank\">http:\/\/www.kb.cert.org\/vuls\/id\/310500).<\/a><\/p>\n<p>IMPACT<\/p>\n<p>This impacts Parallels Plesk Panel for Linux versions 9.x, 10.x,<br \/>\n11.x.<\/p>\n<p>You are at risk if you have Apache web server running mod_php,<br \/>\nmod_perl, mod_python, etc.<\/p>\n<p>You are NOT at risk if you have Apache web server running Fast<br \/>\nCGI (PHP, perl, python, etc.) or CGI (PHP, perl, python, etc.).<\/p>\n<p>SOLUTION<\/p>\n<p>Parallels has issued security updates for Parallels Plesk Panel<br \/>\nversions 9.x-11.x. The security updates for Parallels Plesk Panel<br \/>\n11.x and Parallels Plesk Panel 10.4.4 will automatically appear<br \/>\ninside your Parallels Plesk Panel control panel &#8211; please apply<br \/>\nthem as soon as possible.<\/p>\n<p>The security hotfix for Parallels Plesk 9.x is available for<br \/>\ndownload here:\u00a0<a href=\"http:\/\/kb.parallels.com\/115942\" target=\"_blank\">http:\/\/kb.parallels.com\/115942<\/a><\/p>\n<p>WORKAROUND<\/p>\n<p>Parallels understands that it&#8217;s not always practical for<br \/>\nimmediate upgrades, so we have provided a solution to fix this<br \/>\nvulnerability. For the immediate solution, customers should read<br \/>\nthis knowledge base article for instructions:<br \/>\n<a href=\"http:\/\/kb.parallels.com\/115942.\" target=\"_blank\">http:\/\/kb.parallels.com\/115942.<\/a><\/p>\n<p>Parallels takes the security of our customers very seriously and<br \/>\nencourages you to take the recommended actions as soon as<br \/>\npossible.<\/p>\n<p>Mit freundlichen Gr\u00fc\u00dfen \/ Best Regards<\/p>\n<p>Andreas Wagner<br \/>\nBusiness Support | united hoster GmbH<br \/>\nSteinpilzweg 31<br \/>\n70599 Stuttgart<br \/>\nFon +49(0)711.169173-50<br \/>\nFax +49(0)711.169173-60<\/p>\n<p>Mail support@united-hoster.de &lt;mailto:support@united-hoster.de&gt;<\/p>\n<p>UStID-Nr.: DE232931215 \u2013 Steuer-Nr.: 59350\/50243 \u2013 Registergericht: Amtsgericht Stuttgart, HRB 214534<br \/>\nGesch\u00e4ftsf\u00fchrer: Alexander Pelz<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Sehr geehrte User mit VPS + PLESK Installationen. Bitte beachten Sie folgenden Eintrag und handeln Sie entsprechend: SECURITY ADVISORY: Parallels<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[19],"tags":[],"class_list":["post-218","post","type-post","status-publish","format-standard","hentry","category-sicherheit"],"_links":{"self":[{"href":"https:\/\/www.united-hoster.de\/blog\/wp-json\/wp\/v2\/posts\/218","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.united-hoster.de\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.united-hoster.de\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.united-hoster.de\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.united-hoster.de\/blog\/wp-json\/wp\/v2\/comments?post=218"}],"version-history":[{"count":1,"href":"https:\/\/www.united-hoster.de\/blog\/wp-json\/wp\/v2\/posts\/218\/revisions"}],"predecessor-version":[{"id":219,"href":"https:\/\/www.united-hoster.de\/blog\/wp-json\/wp\/v2\/posts\/218\/revisions\/219"}],"wp:attachment":[{"href":"https:\/\/www.united-hoster.de\/blog\/wp-json\/wp\/v2\/media?parent=218"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.united-hoster.de\/blog\/wp-json\/wp\/v2\/categories?post=218"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.united-hoster.de\/blog\/wp-json\/wp\/v2\/tags?post=218"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}