exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

twlc-adv-plesk211201.txt

twlc-adv-plesk211201.txt
Posted Dec 26, 2001
Authored by twlc, Supergate | Site twlc.net

Plesk, a popular server administration tool used by many web hosting companies, has a bug which allows remote users to view the source of .php hosted files. All versions prior to v2.0 are affected.

tags | exploit, remote, web, php
SHA-256 | 086915112cab9f9dc4dd1793e8217e3b54220f795ea7084a433c309e15fa6430

twlc-adv-plesk211201.txt

Change Mirror Download
twlc security divison
(21/12/2001)

plesk (psa) allows reading of .php files

Found by:
supergate
./twlc

Summary:
Plesk is a server admnistrator used by LOTS of web hosting companies to make easy the menagement of the server. Its a really cool software!! i work with it. This bug allows you to read the source of the hosted .php files.

Systems Affected:
All the versions before 2.0 seems to be affected (2.0 should be safe except if you got UserDir directive enabled)

Explanation:
Its really simple... I'll explain it with an example:
HOSTING_FOR_DUMMIES is running plesk, they host http://www.pleskrules.net that uses php, they run php nuke (note that this is just an example) so their configuration file with the database password is located in http://www.pleskrules.net/configure.php if we want to see the sources of this php (so the passwords) we only need to go there http://xxx.xxx.xxx.xxx/~pleskrules/configure.php where obviously 'xxx.xxx.xxx.xxx' stands for the ip of the domain pleskrules.net and '~pleskrules' is the username of the account of pleskrules.net (usually the name of the domain with ~ tilde before).

Plesk staff:
Has been contacted and in about an hour i had a reply. Really an ELEET bug support system!! The guy 'Anton' explained me that the problem has been fixed in 2.0 but it affects the previous versions. If you got it in 2.0 means that you have UserDir directive enabled! so thanks plesk ! eleet job. keep up the good work!!! plesk rules

Patch:
Upgrade to 2.0! (www.plesk.com) and if you are vulnerable with it turn off the userdir directive...
To do this make sure that you have this following in the httpd.conf file:
<IfModule mod_userdir.c>
UserDir disabled
</IfModule>

Conclusions:
This advisory has been released just to make safer the web hosting companies, (expecially the one who hosts our domain ehe) so DONT BE AN IDIOT (or a script kiddie) and DONT abuse of it. i again hope in human intelligence. peace people.

News about twlc.net
we are up again!!! THANKS UNIXRULES.NET FOR HOSTING LOVE <3 GUYS

greets:
all #twlc, #lt12, #./herb, #insight ;)
and for the tests yaroze and the admin of unixrules.net (LOVE)
and obviously Anton from plesk.com!

Posted at:
vuln-dev@securityfocus.com
bugtraq@securityfocus.com
bugreport@plesk.com
http://www.packetstormsecurity.org
http://www.twlc.net/
http://www.twlc.net/article.php?sid=499

Contacts (bugs, ideas, insults, cool girls... remember that trojans and flames are directed to /dev/null):

supergate@twlc.net

http://www.twlc.net

bella;)

eof
Login or Register to add favorites

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close