Installatron Plugin 9.0.4 and 8.0.1621 October 2013 Installatron Plugin software version 9.0.4 and 8.0.16 are now the respective release and stable versions of the product. This security release fixes a privilege escalation vulnerability that affects DirectAdmin server configurations with a "System CURL Binary" selection for the "Installatron Admin > Settings > HTTP driver" setting. Servers not using DirectAdmin and servers with any other selection for this setting are not affected. There is no reason to believe that this vulnerability is known to the public. Installatron would like to thank Rack911.com for discovering and reporting this issue.
Read more: Installatron Plugin 9.0.4 Changelog |