mailing list archives
Re: Plesk Apache Zeroday Remote Exploit
From: アドリアンヘンドリック <unixfreaxjp22 () gmail com>
Date: Fri, 7 Jun 2013 14:44:56 +0900
* Please keep headers intact.
Thank's to King Cope for announcing the PoC which affected Plesk versions
mentioned that's having the PHP's CGI CVE-2012-1823 vulnerability.
Plesk is vulnerable to this flaw disregards on the its php configuration,
and is a must fix.
I suggest Plesk to quick patch this zeroday since a lot of vulnerable
servers already spotted in my territory already with the collection of the
You can use the PHP CGI Argument Injection metasploit modules to reproduce
Any mitigation method forCVE-2012-1823 can be used for the temporary
solution, i.e.: http://eindbazen.net/2012/05/php-cgi-advisory-cve-2012-1823/
The details of php flaw itself can be viewed here:
reflected into the module source code below:
The point is how CVE-2012-1823 can still be applied to the vulnerable php
based panels, whether other products are affected or not is worth to check.
Thank's to King Cope for announcing the flaw. To Nicolas Krassas, Bart
Blaze & Larry W Cashdollar, for helping in checking this important flaw.
unixfreaxjp () malwaremusdie org
Am 06.06.2013 um 04:28 schrieb Kingcope <isowarez.isowarez.isowarez at
* Dave ,*>* Again bla bla,*>* Dont Lie!!! I tested and it Works proper !! Tested on Centos Red Hat Debian FreeBSD !!
Pure Remote in the Wild !! Better Patch Ur Servers and Check Ur perimeter than Telling lies.*>* *>* Me mixanaki Kai
Computer Kai flogera!*>* *>* Cheerio,*>* *>* Kctherookie*
* *>* From: king cope <isowarez.isowarez.isowarez () googlemail com>*>* Date: Wed, 5 Jun 2013 18:37:38 +0200*>* Please
keep headers intact.*>* *>* Engineered by Kingcope*>* *>* Copyright (C)2013 Kingcope*>* Attachment:
pleskwwwzeroday.rar*>* _______________________________________________*>* Full-Disclosure - We believe in it.*>*
Charter: http://lists.grok.org.uk/full-disclosure-charter.html*>* Hosted and sponsored by Secunia -
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/