-
Feb 10, 2012, 07:06 AM
#1
Critical Security Patch - Plesk 10.3.1
Hello,
The critical security patch notification released 2/9/2012 suggests updating to Plesk 10.3.1 MicroUpdate #6 or later to resolve the vulnerability. My version of Plesk does not list MicroUpdate number. Instead Plesk gives this version: psa v10.3.1_build20110630.16. Is my version of Plesk vulnerable? Where do I find MicroUpdate number in Plesk 10.3.1? Thank you.
Last edited by ScottT; Feb 10, 2012 at 10:12 AM.
Reason: Clarity
-
Feb 10, 2012, 09:19 AM
#2
Hmmm, I'd like to know the answer to this too. I'd also like to know, if this is only a risk to Plesk Panel if access to the the control panel is publicly available.
-
Feb 10, 2012, 09:11 PM
#3
Parallels Team
You can find number of installed microupdate with following command:
# cat /root/.autoinstaller/microupdates.xml
It is described in KB article Using Micro-Updates in Parallels Plesk Panel 9.x, 10.x, and Parallels Small Business Panel
-
Feb 13, 2012, 11:03 AM
#4
These instruction are for linux/unix. How do I find microupdate# in Windows?
-
Feb 13, 2012, 11:26 PM
#5
Parallels Team
Look at C:\PleskInstaller\microupdates.xml
-
Feb 14, 2012, 08:34 AM
#6
My server does not have a PleskInstaller directory. I located microupdates.xml in another directory. Here are the contents:
<?xml version="1.0" encoding="UTF-8" standalone="yes" ?>
<patches>
<product id="panel" version="10.3.1">
<patch version="10" timestamp="" />
</product>
</patches>
So, it appears I have MU #10 and my server is not vulnerable. Thanks for your help.
Last edited by ScottT; Feb 14, 2012 at 08:36 AM.
-
Feb 14, 2012, 10:45 PM
#7
Parallels Team
Yes, you have installed this microupdate - http://kb.parallels.com/en/112463
Tags for this Thread
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
Reply With Quote