Plesk Compromise
From arstechnica.com
Parallels KB article:
http://kb.parallels.com/116241
“The exploit for this vulnerability uses a combination of the 2 issues:
– PHP vulnerability CVE-2012-1823 related to CGI mode used in older Plesks (http://kb.parallels.com/en/113818).
– Plesk phppath script alias usage in Plesk versions 9.0 – 9.2
(more…)