Ravens PHP Scripts

LiteSpeed Web Server Two Unspecified Vulnerabilities
Date: Friday, September 04, 2009 @ 01:37:03 CEST
Topic: Security


SECUNIA ADVISORY ID: SA36572

VERIFY ADVISORY: http://secunia.com/advisories/36572/

DESCRIPTION: Two vulnerabilities have been reported in LiteSpeed Web Server, which can be exploited by malicious users to compromise a vulnerable system and malicious people to cause a DoS (Denial of Service). The vulnerabilities are reported in version 3.3.19. Other versions may also be affected.



1) An unspecified error can be exploited to cause Lshttpd to enter an infinite loop.
2) An unspecified post-authentication error may be exploited to execute arbitrary code.

SOLUTION: Restrict access to services.

PROVIDED AND/OR DISCOVERED BY: Reportedly modules for VulnDisco Pack.

ORIGINAL ADVISORY: http://intevydis.com/vd-list.shtml






This article comes from Ravens PHP Scripts
http://www.ravenphpscripts.com

The URL for this story is:
http://www.ravenphpscripts.com/modules.php?name=News&file=article&sid=3670