Below is the quick fix for the Plesk-Horde vulnerability.
Manually apply a patch to the Horde Permission’s User Interface code to
“remove” the “All Authenticated Users” option from the HTML form:
A quick fix to hide this setting in the UI code is to add HTML comments
(“<! –” … “–>”) around the “All Authenticated Users” options in the
HTML form. Basically, it is to add “<! –” at line 63 and “–>” at
(original) line 81 in /usr/share/psa-horde/templates/shares/edit.inc
Here’s the openssl command to convert an SSL cert/key from PK12 (windows) to PEM format:
|
1 |
openssl pkcs12 -in cert.pfx -out cert.pem -nodes |
You can disable SSLv2 in Courier by adding the following line to both /etc/courier-imap/imapd-ssl and /etc/courier-imap/pop3d-ssl:
|
1 |
TLS_CIPHER_LIST="HIGH:MEDIUM:!SSLv2:!LOW:!EXP:!aNULL:@STRENGTH" |
After restarting Courier you should test with openssl to verify SSLv2 has been disabled properly:
|
1 |
openssl s_client -connect localhost:995 -ssl2 |
You can test that weak ciphers have been disabled with the following:
|
1 |
openssl s_client -connect localhost:995 -cipher EXP:LOW |
Extract the certificate
|
1 2 3 4 5 |
keytool -export -alias mykey -keystore mpestore.dat -file exported-der.crt openssl x509 -noout -text -in exported-der.crt -inform der openssl x509 -out exported-pem.crt -outform pem -in exported-der.crt -inform der |
Extract private key
|
1 2 3 4 5 6 |
mkdir t cd t wget http://www.source-code.biz/snippets/java/Base64Coder.java.txt wget http://mark.foster.cc/pub/java/ExportPriv.java javac ExportPriv.java Base64Coder.java java ExportPriv keystore alias password > exported-pkcs8.key |
See http://conshell.net/wiki/index.php/Keytool_to_OpenSSL_Conversion_tips
When trying to use the table copy operation in Plesk DBWebAdmin and error is received due to no space between the auto increment and default charset keywords. The following patch can be manually applied to:
/usr/local/psa/admin/htdocs/domains/databases/phpMyAdmin/sqlparser.lib.php
to fix the problem.
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 |
--- trunk/phpMyAdmin/libraries/sqlparser.lib.php 2006/03/28 11:37:55 8834 +++ trunk/phpMyAdmin/libraries/sqlparser.lib.php 2006/07/30 11:21:59 9205 @@ -2093,6 +2093,12 @@ $after .= ' '; } // workaround for + // AUTO_INCREMENT = 31DEFAULT_CHARSET = utf-8 + + if ($typearr[2] == 'alpha_columnAttrib' && $typearr[3] == 'alpha_reservedWord') { + $before .= ' '; + } + // workaround for // select * from mysql.user where binary user="root" // binary is marked as alpha_columnAttrib // but should be marked as a reserved word |
