Ravens PHP Scripts

LiteSpeed Web Server Two Unspecified Vulnerabilities
Date: Friday, September 04, 2009 @ 01:37:03 CEST
Topic: Security


VERIFY ADVISORY: http://secunia.com/advisories/36572/

DESCRIPTION: Two vulnerabilities have been reported in LiteSpeed Web Server, which can be exploited by malicious users to compromise a vulnerable system and malicious people to cause a DoS (Denial of Service). The vulnerabilities are reported in version 3.3.19. Other versions may also be affected.

1) An unspecified error can be exploited to cause Lshttpd to enter an infinite loop.
2) An unspecified post-authentication error may be exploited to execute arbitrary code.

SOLUTION: Restrict access to services.

PROVIDED AND/OR DISCOVERED BY: Reportedly modules for VulnDisco Pack.

ORIGINAL ADVISORY: http://intevydis.com/vd-list.shtml

This article comes from Ravens PHP Scripts

The URL for this story is: