The move command can be used to move files around or rename them. There are a lot of flags that you can use with the move command but , they are rarely used by me. I will list a few […] ↓ Read the rest of this entry…
Posts Tagged command
The ls command is used to list the contents of a directory. Using the flags you can change the format of the output to show the information that you need. If you use just the ls command you get a […] ↓ Read the rest of this entry…
Debian: 2805-1: sup-mail: command injection
(Nov 27) joernchen of Phenoelit discovered two command injection flaws in Sup, a console-based email client. An attacker might execute arbitrary command if the user opens a maliciously crafted email. [More…]
Debian: 2798-2: curl: unchecked ssl certificate h
(Nov 20) The update for curl in DSA-2798-1 uncovered a regression affecting the curl command line tool behaviour (#729965). This update disables host verification too when using the –insecure option. [More…]
The following functionalities were improved:
# plesk bin server_pref -forbid-ftp-user-rename <true|false|forced>
The following command can be used on Windows systems:
“%plesk_bin%”server_pref -forbid-ftp-user-rename <true|false|forced>
The following issue was resolved:
[-] File manager could not open files for viewing if these files contained umlauts or symbols encoded in CP1251. (PPPM-942)
The following features have been added:
The following issues have been fixed:
[-] Panel did not apply automatic updates to the Migration & Transfer Manager in some cases.
[-] Administrators could not change the ASP.NET version on a subscription by means of the ‘subscription’ command-line utility. (PPPM-974)
[-] Administrators could not create subscriptions by means of the ‘subscription’ command-line utility if the webmail software was not installed on the server. (142956)
[-] The Postfix mail queue contained messages with the value “Not Found” in the “From” field. (PPPM-968)
Parallels Plesk Panel 11.5.30 MU#17
The following features have been improved:
[+] Administrators can forbid renaming primary domains of subscriptions.
- On Linux: plesk bin server_pref –update -forbid-subscription-rename true|false
- On Windows: “%plesk_dir%inserver_pref.exe” –update -forbid-subscription-rename true|false
The following issues have been fixed:
[-] Panel did not load proper SSL certificates for domains. (142545)
Debian: 2760-1: chrony: Multiple vulnerabilities
(Sep 18) Florian Weimer discovered two security problems in the Chrony time synchronisation software (buffer overflows and use of uninitialised data in command replies). [More…]
Debian: 2739-1: cacti: Multiple vulnerabilities
(Aug 21) Two security issues (SQL injection and command line injection via SNMP settings) were found in Cacti, a web interface for graphing of monitoring systems. [More…]
[*] (Windows only) MailEnable was upgraded to version 7.50. (141274)
[*] (Windows only) Panel is shipped with Tomcat 7.0.42 and Java Runtime libraries 7 update 25. (141273)
The following issues have been fixed:
[-] (Linux only) Customers could receive the “Mail Not Delivered” messages even if their email was delivered successfully. (119925)
[-] (Linux only) The virus definitions of Parallels Premium Antivirus by Dr. Web were not updated if the default trial license key was used. (139833)
[-] (Linux only) After Panel was upgraded from version 11.0, PHP scripts could no longer be processed by nginx if SELinux was turned on. The following error was recorded in /var/log/php-fpm/error.log: “php-fpm.sock failed (13: Permission denied)”. (140941) [-] (Linux only) In some cases, Panel did not validate DNS record conflicts if CNAME records were manually modified. The DNS server failed to start. (141147)
[-] (Linux only) The RoundCube webmail was not working due to various errors (PHP errors, memory exhaustion, and so on) if certain classes or functions such as ini_get were disabled in the server-wide php.ini file. (141201)
[-] (Linux only) After upgrading Plesk from version 9.5, customers could no longer back up domains that had subdomains. The following error occurred: “Cannot savedir: Permission denied”. (141214)
[-] (Linux only) The subscription command-line utility could not change the PHP handler for websites. (141238)
[-] (Linux only) Subscriptions could not be synchronized with a service plan if the plan was created using command-line utilities and access to shell was not allowed or was set to chroot. (141254)
[-] (Linux only) The allow and deny access directives of Apache .htaccess worked incorrectly if a reverse proxy in nginx was enabled. (141265)
[-] (Linux only) If Panel was installed without updates, and updates were installed afterwards, email messages could not be sent. The following error occurred: “Warning: the Postfix sendmail command must be installed without set-uid root file permissions”. (141283)
[-] (Linux only) Administrators were unable to turn off the nginx reverse proxy. The following error occurred: “Service /etc/init.d/nginx failed to stop”. (141297)
[-] (Linux only) Customers could not disable DomainKeys email signing on domains after it had been enabled. (141316)
[-] The help page of the dns command-line utility was not localized. (141368)
[-] The help page of the server_dns command-line utility contained errors. (141374)
[-] Backing up to external FTP repositories did not work properly. (141100 and 141338)
[-] Updating of reseller service plans via API-RPC could result in the following error: “PHP Fatal error: Call to undefined method”. (141439)
[-] After upgrading from Plesk 9 it was impossible to remove email accounts with mail forwarding. The following error occurred: “PHP Fatal error: Call to undefined method”. (141453)
[-] Customers could use webmail on their domains even if the domains were suspended. (84187)
[-] (Linux only) Qmail did not accept email messages sent to mailing lists on domain aliases. The following error occurred: “550 sorry, no mailbox here by that name. (#5.7.17)”. (107619)
[-] (Linux only) Panel failed to migrate the Mailman data and settings if the default locale of the source server was German. (133147)
[-] Panel failed to migrate mail relay settings from Plesk 9.x with the error “Unable to set relaying type”. (140277)
[-] (Linux only) Panel failed to migrate databases that use latin-1 character set. In the migrated databases, non-ASCII characters were replaced with question marks. (141027)
[-] Panel did not pass database user passwords to event handlers. (141261)
[-] (Linux only) When administrators executed the statistics utility for a single domain, Panel removed FTP log records for other domains. (141378)
[-] Email notifications about resource overuse that were sent on behalf of the administrator contained wrong sender email addresses. (141380)
[-] Administrators had to complete the post-install configuration of Panel before they could use the server_dns command-line utility. (141502)
[-] Security improvements. (141537)
[-] (Linux only) Kaspersky Antivirus could not be switched on via the API-RPC. (141491)
[-] (Linux only) Message submission did not work after installing updates on Panel 11.5.30. (141740)
[-] (Windows only) Domains could not be migrated from Plesk 9 if mail accounts on source servers had a password containing a quotation mark (“) (141054)
[-] (Windows only) AWStats statistics processed log files very slowly because of excessive DNS lookups. (137500)
[-] (Windows only) IP addresses that were no longer used could not be removed from the server IP pool. The following error occurred: “The IP address x.x.x.x is already used for hosting”. (141139)
[-] (Windows only) Panel did not include some DNS records from the server-wide DNS template into DNS zones of newly created domains. (132577)
[-] (Windows only) Users were unable to log in to Control Panel from Customer & Business Manager by clicking Business Operations > Subscriptions > <subscription name> > Log In. They encountered the following error: “Internal error: SQLSTATE[42S22]: Column not found: 1054 Unknown column ‘externalId’ in ‘where clause’.” (141454)
[-] (Windows only) Users were unable to import database backups through phpMyAdmin. (141524)
The following features have been improved:
The following issues have been fixed:
[-] (Linux only) Data transfers from Plesk failed if a source server had an APS application and an SSL certificate installed on the main domain. The following error was encountered: “Line 2519 error: Element ‘certificates’: This element is not expected.” (138313)
[-] (Linux only) Configuration generated successfully for domains with the frame forwarding hosting type which were not assigned any IP addresses. (72945)
[-] (Linux only) Newly created domains were not accessible if Panel installation was moved to a new directory with a symbolic link from the old installation’s location. (78435)
[-] Panel UI processed operations with the list of customers very slowly if at least one customer had a large number (more than a thousand) of subscriptions. (93163)
[-] After upgrading from Plesk 9.5.4, the turned off mail forwarding operation became active again. (100438)
[-] (Linux only) Plesk Mobile Manager for iPhone was unable to connect to Panel. (114780)
[-] (Linux only) When Migration & Transfer Manager was trying to download data from the source server, the transfer operation could fail with the message: “Error: pmm utility ‘migration_handler’ raised an exception. Error code is: 1” (140299)
[-] (Linux only) The domain command-line utility failed to enable the mail service for a domain if this domain had been created while no mail service had been installed in Panel. Panel issued the message: “PHP Fatal error”. (140833)
[-] (Linux only) Administrators could not adjust mail server settings in Administrator’s Panel after switching from Qmail to Postfix if short mail account names were allowed in Qmail settings. (140837)
[-] (Linux only) After upgrading to Panel 11.5, Panel failed to generate the Apache configuration files if the PHP setting max_execution_time was set to “0”. Panel raised the error: “Template_Exception: Syntax error on line 64”. (140853)
[-] (Linux only) The command-line utilities domain and subscription raised errors on attempts to obtain information about domains with hosting type “No hosting”. (140924)
[-] Subscriptions suspended due to traffic overuse were not automatically unsuspended at the beginning of the next month. (140939)
[-] Customers without subscriptions could not use the Panel’s built-in search. They encountered an “Internal error”. (140989)
[-] (Windows only) Panel displayed an unclear error message on the File Sharing page if the system user account was changed or removed by administrator in the operating system settings. (105470)
[-] (Windows only) The installation of the Formmail APS application failed with the error: “Error: Installation of formmail at http://example.com/formmail failed.” (132784)
[-] (Windows only) AWStats did not calculate web statistics for a domain with the WWW prefix and all the domain’s aliases. (140882)
[-] (Windows only) Certificate signing requests could not be generated properly via Plesk XML-RPC API. (140900)
[-] (Windows only) Customers were unable to retrieve a forgotten password from Panel if Panel was configured to work with Microsoft SQL Server. They encountered the “Operation failed” error. (141099)
Debian: 2645-1: inetutils: denial of service
(Mar 14) Ovidiu Mara reported in 2010 a vulnerability in the ping util, commonly used by system and network administrators. By carefully crafting ICMP responses, an attacker could make the ping command hangs. [More…]
Debian: 2578-1: rssh: insufficient filtering of r
(Nov 27) James Clawson discovered that rssh, a restricted shell for OpenSSH to be used with scp/sftp, rdist and cvs, was not correctly filtering command line options. This could be used to force the execution of a remote script and thus allow arbitrary command execution. Two CVE were assigned: [More…]
The tail command is a very commonly used command to pull the last number of lines from a file. This is extremely useful when you want to look through error logs to trouble shoot an issue. You can watch a […] ↓ Read the rest of this entry…
Debian: 2530-1: rssh: shell command injection
(Aug 15) Henrik Erkkonen discovered that rssh, a restricted shell for SSH, does not properly restrict shell access. For the stable distribution (squeeze), this problem has been fixed in [More…]
cPanel & WHM servers using the default cPanel PHP CGI configuration are not vulnerable to the command line switch vulnerability. A recently disclosed flaw in PHP’s CGI implementation allows malicious users to remotely view and execute source code. The exploit…
CentOS 4 and RHEL 4 6-Month End of Life Notice
For continued compatibility with the latest versions of cPanel & WHM, please update your server to CentOS 6 or RHEL 6.CentOS and Red Hat discontinued support for version 4 of their respective operating systems on February 29, 2012. cPanel & WHM version 11.32 will…
Plesk Panel 10.3.1 MU#11 for Linux and Windows
[-] (Linux only) Customers failed to log in to their webmail accounts if they used an internationalized domain name for the mail server.
[-] (Linux only) Panel corrupted Apache configuration files if a server had more than 300 assigned IP addresses. Administrators received the following error in Server Administration Panel: “New files of configuration for Apache web server were not built due to errors in configuration templates. The detailed error message was e-mailed to you, so please check the e-mail, fix the errors, and click here to retry generating configuration.
”.
[-] (Linux only) When administrators created a subscription in the suspended state and then activated it using a certain API call, the mail server still considered that domains under the subscription were disabled.
[-] (Linux only) Customers failed to perform website copying in Control Panel as it hung up with the status message “Copying the website example.com to example2.com. You will be notified of the progress by e-mail ([email protected])
”.
[-] (Linux only) The user experience of working with phpMyAdmin is improved by removing a warning about the difference between the PHP MySQL library version and the MySQL server version.
[-] (Linux only) Administrators failed to reconfigure Apache using the command “/usr/local/psa/admin/bin/httpdmng --reconfigure-all
” if one of sites had a custom vhost.conf file that was removed.
[-] (Windows only) Administrators failed to back up reseller accounts using the command-line call with the error “Unrecognized option: '-from-file'
”.
[-] (Windows only) The following confusing message accidentally shown in phpMyAdmin to Panel users was removed “Your PHP MySQL library version 5.0.90 differs from your MySQL server version 5.1.50. This may cause unpredictable behaviour. This message can be safely ignored. The reason that the library cannot be upgraded with the server is that, in Enterprise Linux, everything is compiled around the old library. Upgrading the library would break a number of programs compiled against it so, for compatibility's sake, it must remain as the one provided by the vendor directly. If you REALLY need the latest libraries you can recompile php from the SRPMS.
”.
[-] (Windows only) Some symbols in the German locale (like “o” or “?”) were displayed incorrectly in the Panel GUI.
[-] (Windows only) Panel failed to propagate some tasks with complex schedule to the system scheduler. Such tasks were successfully created by administrators in Server Administration Panel but the Windows event log contained the error “The task XML contains too many nodes of the same type.
”.
[-] (Windows only) Customers failed to upload files in File Manager after the upgrade from Panel 10.1.1 with the error “Unable to upload C:fakepathfilename.doc to //httpdocs/C:fakepathfilename.doc: Improper value.
”.
[-] (Windows only) Panel failed to perform its daily maintenance routines after upgrade with various errors related to SpamAssassin and Perl.
[-] Qmail-TLS STARTTLS protocol plaintext command injection vulnerability fixed. More details: http://telussecuritylabs.com/threats/show/FSC20110309-02
[-] Qmail-TLS STARTTLS protocol plaintext command injection vulnerability fixed. More details: http://telussecuritylabs.com/threats/show/FSC20110309-02
[-] Qmail-TLS STARTTLS protocol plaintext command injection vulnerability fixed. More details: http://telussecuritylabs.com/threats/show/FSC20110309-02
[-] Qmail-TLS STARTTLS protocol plaintext command injection vulnerability fixed. More details: http://telussecuritylabs.com/threats/show/FSC20110309-02
[-] Qmail-TLS STARTTLS protocol plaintext command injection vulnerability fixed. More details: http://telussecuritylabs.com/threats/show/FSC20110309-02