twlc-adv-plesk211201.txt

Posted Dec 26, 2001
Authored by twlc, Supergate | Site twlc.net

Plesk, a popular server administration tool used by many web hosting companies, has a bug which allows remote users to view the source of .php hosted files. All versions prior to v2.0 are affected.

tags | exploit, remote, web, php
SHA-256 | 086915112cab9f9dc4dd1793e8217e3b54220f795ea7084a433c309e15fa6430

twlc security division
(21/12/2001)

plesk (psa) allows reading of .php files

Found by:
supergate
./twlc

Summary:
Plesk is a server administration tool used by LOTS of web hosting companies to make managing the server easy. It's really cool software!! I work with it. This bug allows you to read the source of the hosted .php files.

Systems Affected:
All the versions before 2.0 seem to be affected (2.0 should be safe unless you have the UserDir directive enabled).

Explanation:
It's really simple... I'll explain it with an example:
HOSTING_FOR_DUMMIES is running Plesk. They host https://www.pleskrules.net, which uses PHP; they run PHP-Nuke (note that this is just an example), so their configuration file with the database password is located at https://www.pleskrules.net/configure.php. If we want to see the source of this PHP file (and so the passwords), we only need to go to https://xxx.xxx.xxx.xxx/~pleskrules/configure.php, where obviously 'xxx.xxx.xxx.xxx' stands for the IP of the domain pleskrules.net and '~pleskrules' is the username of the account of pleskrules.net (usually the name of the domain with a ~ tilde before it).
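For the hosting company on the receiving end, the access pattern above is visible in the web server logs: a .php file fetched through a /~user/ path instead of through the site's own hostname. The following is an added detection example written for this page, not code from the twlc advisory or from Plesk. It parses Apache combined-format log lines, flags every request that matches the ~user/...php shape, and counts hits per client address for triage. The log lines in SAMPLE_LOG are constructed for the example and come from no real server.

```python
"""Flag requests that fetch .php files through a mod_userdir (~user) path,
the access pattern this advisory describes. Added example for this page,
not code from the twlc advisory or from Plesk. SAMPLE_LOG is constructed."""
import re
from collections import Counter
from typing import Dict, List, NamedTuple, Optional

# Apache "combined" log format carries no vhost field, so the check keys on the path.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) (?P<size>\S+)'
)
# /~<user>/...something.php, with or without a query string
USERDIR_PHP_RE = re.compile(r'^/~(?P<user>[^/]+)/.*\.php(\?.*)?$', re.IGNORECASE)


class Finding(NamedTuple):
    ip: str
    user: str
    path: str
    status: int
    served: bool  # True on a 200: with UserDir on, that answer was the file itself


def parse_line(line: str) -> Optional[Dict[str, str]]:
    """Split one combined-format log line into fields; None if it does not parse."""
    m = LOG_RE.match(line)
    return m.groupdict() if m else None


def find_userdir_php(lines: List[str]) -> List[Finding]:
    """Return every request whose path is a ~user path ending in .php."""
    findings: List[Finding] = []
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue  # unparseable line: skip it rather than abort the sweep
        u = USERDIR_PHP_RE.match(rec["path"])
        if not u:
            continue
        status = int(rec["status"])
        findings.append(Finding(rec["ip"], u.group("user"), rec["path"], status, status == 200))
    return findings


def hits_per_ip(findings: List[Finding]) -> Dict[str, int]:
    """Count flagged requests per client address, for triage."""
    return dict(Counter(f.ip for f in findings))


# Constructed sample: two source fetches through ~pleskrules, one normal request,
# one static file under ~user, one 404 against another account, one garbage line.
SAMPLE_LOG = [
    '198.51.100.7 - - [21/Dec/2001:14:02:11 +0100] "GET /~pleskrules/configure.php HTTP/1.0" 200 1843 "-" "Mozilla/4.0"',
    '198.51.100.7 - - [21/Dec/2001:14:02:13 +0100] "GET /~pleskrules/index.php HTTP/1.0" 200 5120 "-" "Mozilla/4.0"',
    '203.0.113.5 - - [21/Dec/2001:14:05:00 +0100] "GET /index.php HTTP/1.0" 200 5120 "-" "Mozilla/4.0"',
    '203.0.113.5 - - [21/Dec/2001:14:05:02 +0100] "GET /~pleskrules/images/logo.gif HTTP/1.0" 200 2210 "-" "Mozilla/4.0"',
    '198.51.100.9 - - [21/Dec/2001:15:00:00 +0100] "GET /~other/admin.php?x=1 HTTP/1.0" 404 310 "-" "Mozilla/4.0"',
    'not a log line',
]

if __name__ == "__main__":
    found = find_userdir_php(SAMPLE_LOG)
    for f in found:
        print(f"{f.ip} -> ~{f.user} {f.path} status={f.status} served={f.served}")
    print(hits_per_ip(found))
```

A 200 on such a path is the case worth chasing: on a server where UserDir is still on, it means the raw file went out. A 404 shows someone probing for the pattern but not getting the file, which is still useful for tuning blocks and for deciding which accounts to check.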

Plesk staff:
Has been contacted and in about an hour I had a reply. Really an ELEET bug support system!! The guy 'Anton' explained to me that the problem has been fixed in 2.0 but it affects the previous versions. If you get it in 2.0 it means that you have the UserDir directive enabled! So thanks Plesk! eleet job. keep up the good work!!! plesk rules

Patch:
Upgrade to 2.0! (www.plesk.com) and if you are still vulnerable with it, turn off the UserDir directive...
To do this make sure that you have the following in the httpd.conf file:
<IfModule mod_userdir.c>
UserDir disabled
</IfModule>
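The directive above is easy to check by eye on one box, less so across a hosting fleet, and a later "UserDir enabled <user>" line quietly reopens the /~user/ path for that account. The following is an added example written for this page, not code from the twlc advisory or from Plesk: it walks the UserDir directives in an httpd.conf in order, applies Apache's enabled/disabled user-list semantics (a user in both lists stays disabled), and reports whether any account can still be reached through a ~user URL. The three config snippets are constructed. The scan is flat: it reads through <IfModule> and other containers and does not model per-VirtualHost overrides.

```python
"""Audit httpd.conf text for the mod_userdir setting this advisory asks for.
Added example for this page, not code from the twlc advisory or from Plesk;
the config snippets below are constructed."""
import shlex
from dataclasses import dataclass, field
from typing import Optional, Set


@dataclass
class UserDirState:
    directory: Optional[str] = None   # set by "UserDir <dir>", e.g. public_html
    globally_disabled: bool = False   # "UserDir disabled" with no user list
    enabled_users: Set[str] = field(default_factory=set)
    disabled_users: Set[str] = field(default_factory=set)

    @property
    def effectively_enabled(self) -> Set[str]:
        """Users re-enabled by name; an explicit per-user disable wins."""
        return self.enabled_users - self.disabled_users

    @property
    def safe(self) -> bool:
        """Safe in the advisory's sense: no ~user URL is served for anyone."""
        return self.globally_disabled and not self.effectively_enabled

    def report(self) -> str:
        if self.safe:
            return "OK: UserDir disabled for all users"
        if self.globally_disabled:
            return "WARN: UserDir disabled globally but enabled for: " + ", ".join(sorted(self.effectively_enabled))
        return f"WARN: UserDir not disabled (directory={self.directory!r}); add 'UserDir disabled'"


def audit_userdir(conf_text: str) -> UserDirState:
    """Walk UserDir directives in file order and accumulate their effect."""
    state = UserDirState()
    for raw in conf_text.splitlines():
        line = raw.split("#", 1)[0].strip()   # drop comments
        if not line or line.startswith("<"):
            continue                            # blank line or container tag
        try:
            tokens = shlex.split(line)
        except ValueError:
            continue                            # unbalanced quotes: not a directive we can read
        if len(tokens) < 2 or tokens[0].lower() != "userdir":
            continue
        keyword, users = tokens[1].lower(), tokens[2:]
        if keyword == "disabled":
            if users:                           # "UserDir disabled bob carol"
                state.disabled_users.update(users)
            else:                               # "UserDir disabled"
                state.globally_disabled = True
        elif keyword == "enabled":              # "UserDir enabled alice"
            state.enabled_users.update(users)
        else:                                   # "UserDir public_html" or a path pattern
            state.directory = tokens[1]
    return state


# Constructed: the common default that leaves /~user/ reachable
VULNERABLE_CONF = """
<IfModule mod_userdir.c>
    UserDir public_html
</IfModule>
"""

# Constructed: what the advisory's Patch section asks for
HARDENED_CONF = """
<IfModule mod_userdir.c>
    UserDir disabled
</IfModule>
"""

# Constructed: disabled globally, then reopened for one account
PARTIAL_CONF = """
<IfModule mod_userdir.c>
    UserDir public_html
    UserDir disabled
    # the next line alone re-exposes /~alice/
    UserDir enabled alice
</IfModule>
"""

if __name__ == "__main__":
    for name, conf in [("vulnerable", VULNERABLE_CONF), ("hardened", HARDENED_CONF), ("partial", PARTIAL_CONF)]:
        print(f"{name}: {audit_userdir(conf).report()}")
```

Run it against each server's httpd.conf after the upgrade; anything other than the OK line means the ~user route to the hosted files is still open for somebody, which is exactly the route the advisory describes.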

Conclusions:
This advisory has been released just to make the web hosting companies safer (especially the one who hosts our domain ehe), so DON'T BE AN IDIOT (or a script kiddie) and DON'T abuse it. I again have hope in human intelligence. peace people.

News about twlc.net
We are up again!!! THANKS UNIXRULES.NET FOR HOSTING LOVE <3 GUYS

greets:
all #twlc, #lt12, #./herb, #insight ;)
and for the tests yaroze and the admin of unixrules.net (LOVE)
and obviously Anton from plesk.com!

Posted at:
vuln-dev@securityfocus.com
bugtraq@securityfocus.com
bugreport@plesk.com
https://www.packetstormsecurity.org
https://www.twlc.net/
https://www.twlc.net/article.php?sid=499

Contacts (bugs, ideas, insults, cool girls... remember that trojans and flames are directed to /dev/null):

supergate@twlc.net

https://www.twlc.net

bella;)

eof