Archive for the tag 'code'

ProFTPD Remote Code Execution Vulnerability and Exploit

A flaw in the popular ProFTPD FTP server potentially allows unauthenticated attackers to compromise a server. The problem is caused by a buffer overflow in the pr_netio_telnet_gets() function for evaluating TELNET IAC sequences.

ProFTPD bug report: http://bugs.proftpd.org/show_bug.cgi?id=3521

Fixes for the vulnerability and exploit.

Parallels has used its micro-update patch functionality in Plesk 9.5x, Plesk 10, and Small Business Panel 10.2 to fix this vulnerability. To apply the fix, run the Parallels AutoInstaller or check the Updates section of your Plesk Panel 9.5x, Plesk 10, or Small Business Panel 10.2. This is a file replacement, as opposed to a new install, so it will be quick and reliable. To find this in the GUI:

Parallels Plesk Panel 10.x: “Server Management” -> “Tools & Utilities” -> “Updates” -> “Update Components” -> click “Continue”

DirectAdmin: adding custom httpd.conf code to the VirtualHosts of a domain

DirectAdmin allows the Admin to insert extra httpd.conf code that a User may require. To access the control page for this functionality, go to Admin Panel -> Admin Settings -> Customize Httpd Configurations.

Once you see the list of domains, click the domain you wish to insert the extra httpd.conf code into.

Another common use is to add another ServerAlias. This allows another domain to be used to access the exact same content. To accomplish this, you would write:

ServerAlias mynew-domain.com www.mynew-domain.com

This makes mynew-domain.com and www.mynew-domain.com point to the original domain for the VirtualHost. You will also have to make sure that mynew-domain.com and www.mynew-domain.com both resolve to the same IP.