Hey folks,
today I started using Parallels Plesk Panel for Linux in Version 10.3.1 . First of all, I have to give you some specs of the server:
- Intel® Core™ i7-2600 Quad-Core
- 16 GB DDR3 RAM
- 2 x 3 TB SATA 6 Gb/s HDD
7200 rpm (Software-RAID 1)
This is running like a charm! But…
The server tells me, that it’s not able to verify the license key. I’m getting the following error message:
Unable to update PLSK.00000000.0000. An error
occurred while processing your key. You can try updating it later.
It seems like my provider hasn’t noticed parallels, that he’s got a new customer…
A vulnerability in the current 2.8.3 release of the popular WordPress blogging software can be exploited remotely via a web browser to temporarily lock out administrators. The cause of the issue is an error in the web-based password reset function. Normally when a password reset is requested, the user would be sent a link to their registered email address. Once the link is clicked, the old WordPress password is removed and a new one is generated which is again sent by email.
The password reset function in the wp-login.php PHP module can be abused to bypass the first step and then reset the admin password by submitting an array to the $key variable. This can be done remotely through any web browser and no confirmation of the password reset will be sent to the admin. Laurent Gaffié first reported that the vulnerability could be used to “compromise” the admin account, but has since issued a correction advising that it could only reset the admin account and cannot be used to break into the system.
The WordPress developers have been advised of the issue and have corrected the problem in a development version of the blogging software, in which they prevent arrays from being passed in the $key variable. The fix updates wp-login.php and replaces
if ( empty( $key ) )
with
if ( empty( $key ) || is_array( $key ) )
Administrators that have already been locked out of their systems should use the “Emergency Password Reset Script“, which needs to be loaded into the root of the WordPress installation (the same directory as wp-login.php). Instructions on how to proceed can be found here: Resetting Your Password.
See also:
I’ve updated it already with the auto-update function!
Well, I have heared some news about smuxi – developed by Mirco ‘meebey’ Bauer, a colleque.
This is about his new windows installer for smuxi. Smuxi is a smart and flexible IRC Client. I think I’m the only one who had the ability to get smuxi running on windows. But now the windows installer does anything you need to get that done for everyone!
The installer is a GUI using NSIS (Nullsoft Scriptable Install System). I’ve written the main installer and meebey enhanced it with a full download implementation for the needed software like .NET and GTK# Runtime.
Taste the new installer – available on smuxi.org. There are some screenshots available, too!
- Download Smuxi
- View Screenshots
First, i want to tell you that this is not the final version of the blog. I have to set up more categories and have to activate some plugins for the final view. This blog is hosted on a small webserver, so I don’t expect a very high number of visitors. But we’ll see about that.
Thank you for visiting!
