Plesk is one of the control panels that are used to manage a server through a graphic interface.

Recently a number of critical vulnerabilities have been found. Due to the fact that these vulnerabilities are currently actively being exploited an immediate upgrade is required.

Plesk environments which have not yet been upgraded to the latest version/patchlevel allo malicious users to control the server by gaining access privileges of authorised users. This vulnerability is present in at least Plesk 9, Plesk 10 and Plesk 11.

Do you have Plesk installed on your server? Then please install the relevant MicroUpdate for your platform:

* Plesk 11: fixed in MU#46 (shows up as a Security fix in red in all Plesk 11 versions)
* Plesk 10.4.4: Fixed in MU#49 (Shows up as an Update in Panel)
* Plesk 10.3.1: MicroUpdate MU#20
* Plesk 10.2.0: MicroUpdate MU#19
* Plesk 10.1.1: MicroUpdate MU#24
* Plesk 10.0.1: MicroUpdate MU#18
* Plesk 9.5.4: MicroUpdate MU#28

If you still use Plesk 8 please upgrade to a newer release. No fixes are available for Plesk 8.

And please check every so often for new releases or updates to be installed.

For more information on this vulnerability please see here:
http://kb.parallels.com/115942
http://www.kb.cert.org/vuls/id/310500