LiteSpeed Web Server Two Unspecified Vulnerabilities

Posted on Friday, September 04, 2009 @ 00:37:03 PDT in Security
by Raven

SECUNIA ADVISORY ID: SA36572

VERIFY ADVISORY: http://secunia.com/advisories/36572/

DESCRIPTION: Two vulnerabilities have been reported in LiteSpeed Web Server, which can be exploited by malicious users to compromise a vulnerable system and malicious people to cause a DoS (Denial of Service). The vulnerabilities are reported in version 3.3.19. Other versions may also be affected.

1) An unspecified error can be exploited to cause Lshttpd to enter an infinite loop.
2) An unspecified post-authentication error may be exploited to execute arbitrary code.

SOLUTION: Restrict access to services.

PROVIDED AND/OR DISCOVERED BY: Reportedly modules for VulnDisco Pack.

ORIGINAL ADVISORY: http://intevydis.com/vd-list.shtml
 
 
click Related        click Share
 
News ©

Site Info v2.2.2

Last SeenLast Seen
Server TrafficServer Traffic
  • Total: 369,746,672
  • Today: 53,826
Server InfoServer Info
  • Oct 20, 2018
  • 12:31 pm PDT
 
 

Daily Inspiration