Nueva nota de Parallels que nos informa de la liberación de micro-updates para corregir fallos de seguridad. En este caso parece estar relacionado con le cambio de password del usuario admin. Según indican el fallo permitiría cambiar el password del usuario admin usando un usuario de autorizado de Plesk ( un usuario del sistema ).
Dear Parallels Plesk Panel Customer,
Parallels has issued a security hotfix to Parallels Plesk Panel 10.0.1 through the Micro-Updates system.
It is referenced as MU#2 – Plesk admin password changing.
The Micro-Update delivers bug fix for a vulnerability that could allow authorized Plesk users to change Plesk ‘admin’ password and then compromise Control Panel.
For instructions on implementing Micro-updates, please refer to:
http://kb.parallels.com/en/9294 – Using Micro-Updates in Parallels Plesk Panel 9.x, 10.x and Parallels Small Business Panel.
For instructions on upgrading from the panel, please refer to the Administrator Manual at:
http://download1.parallels.com/Plesk/PP10/10.0.1/Doc/en-US/online/plesk-administrator-guide/index.htm?fileName=59215.htm
This notification is made pursuant to our development policy of notifying users when critical security issues arise and making fixes available as soon as possible. Please ensure that this patch has already been applied as soon as possible.
Parallels Plesk Panel Team
Deja una respuesta