Parallels Plesk Panel Insecure File Permissions Vulnerability
BID:53264
Info
Parallels Plesk Panel Insecure File Permissions Vulnerability
| Bugtraq ID: | 53264 |
| Class: | Design Error |
| CVE: | |
| Remote: | No |
| Local: | Yes |
| Published: | Apr 26 2012 12:00AM |
| Updated: | Apr 26 2012 12:00AM |
| Credit: | Nicolas Krassas |
| Vulnerable: |
Parallels Parallels Plesk Panel 9.5 Parallels Parallels Plesk Panel 9.3 |
| Not Vulnerable: | |
Discussion
Parallels Plesk Panel Insecure File Permissions Vulnerability
Parallels Plesk Panel is prone to an insecure file-permission vulnerability.
An attacker can exploit this issue to obtain sensitive information such as admin password. This may aid in further attacks.
Parallels Plesk Panel is prone to an insecure file-permission vulnerability.
An attacker can exploit this issue to obtain sensitive information such as admin password. This may aid in further attacks.
Exploit / POC
Parallels Plesk Panel Insecure File Permissions Vulnerability
An attacker can use readily available commands to exploit this issue.
An attacker can use readily available commands to exploit this issue.
Solution / Fix
Parallels Plesk Panel Insecure File Permissions Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].