SECUNIA ADVISORY ID: SA42592
VERIFY ADVISORY: Secunia.com: http://secunia.com/advisories/42592/
CRITICALITY: Highly Critical
RELEASE DATE: 2010-12-21
DESCRIPTION: Kingcope has discovered a vulnerability in LiteSpeed Web Server, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is confirmed in version 4.0.18 Standard. Other versions may also be affected.
The vulnerability is caused by a boundary error in the LSAPI PHP extension (lsphp) when processing HTTP headers and can be exploited to cause a stack-based buffer overflow via an overly long header (greater than 255 bytes) sent in a web request to a PHP script. Successful exploitation allows execution of arbitrary code.
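The bug class described above, shown as an added C example that is neither LiteSpeed's nor lsphp's code and is not part of the original advisory: a converter that turns an HTTP header name into its CGI-style environment variable name inside a fixed 256-byte stack buffer, first without a length check and then with one, plus a front-end gate that refuses any request carrying a header line longer than 255 bytes. The 256-byte buffer size, the name-to-environment-variable conversion, the function names and the request-level gate are all assumptions chosen to match the "greater than 255 bytes" trigger; the advisory says nothing about where in lsphp the overflow sits or whether the header name or its value triggers it, so the gate measures the whole line.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Assumed size of the fixed stack buffer, chosen to match the ">255 bytes"
 * trigger in the advisory; the real size inside lsphp is not given here. */
#define ENV_NAME_MAX 256

/* Where both converters leave the finished name, so callers can inspect it. */
static char last_name[ENV_NAME_MAX];

/* "X-Forwarded-For" -> "HTTP_X_FORWARDED_FOR", the CGI-style name handed to PHP.
 * VULNERABLE pattern: hdr_len is never compared with sizeof(name), so a header
 * name of roughly 250+ bytes writes past the end of the stack frame. Generic
 * illustration of the bug class, not lsphp's code; only call with short input. */
static int cgi_name_unchecked(const char *hdr, size_t hdr_len)
{
    char name[ENV_NAME_MAX];
    size_t n = 5;
    memcpy(name, "HTTP_", 5);
    for (size_t i = 0; i < hdr_len; i++)              /* bug: n is unbounded */
        name[n++] = hdr[i] == '-' ? '_' : (char)toupper((unsigned char)hdr[i]);
    name[n] = '\0';
    memcpy(last_name, name, n + 1);
    return 0;
}

/* Hardened form: refuse the header before any byte lands in the buffer. */
static int cgi_name_checked(const char *hdr, size_t hdr_len)
{
    char name[ENV_NAME_MAX];
    size_t n = 5;
    if (hdr_len > sizeof(name) - 5 - 1)               /* "HTTP_" + name + NUL */
        return -1;
    memcpy(name, "HTTP_", 5);
    for (size_t i = 0; i < hdr_len; i++)
        name[n++] = hdr[i] == '-' ? '_' : (char)toupper((unsigned char)hdr[i]);
    name[n] = '\0';
    memcpy(last_name, name, n + 1);
    return 0;
}

/* Request-level gate for a reverse proxy or similar front end: return the
 * 1-based line number of the first header line longer than limit bytes, or 0
 * if none is. The whole line is measured because the advisory does not say
 * whether the header name or its value is what overflows. */
static int first_oversized_header(const char *req, size_t limit)
{
    const char *p = strstr(req, "\r\n");               /* skip the request line */
    int lineno = 1;
    if (p == NULL)
        return 0;
    p += 2;
    for (;;) {
        const char *eol = strstr(p, "\r\n");
        size_t len = eol ? (size_t)(eol - p) : strlen(p);
        lineno++;
        if (len == 0)                                  /* blank line ends headers */
            return 0;
        if (len > limit)
            return lineno;
        if (eol == NULL)
            return 0;
        p = eol + 2;
    }
}

/* Constructed inputs, not captured traffic. */
static const char BENIGN_REQ[] =
    "GET /index.php HTTP/1.1\r\nHost: example.test\r\n"
    "X-Forwarded-For: 10.0.0.1\r\n\r\n";

static const char *long_name(void)                     /* 300 x 'A' */
{
    static char buf[301];
    memset(buf, 'A', 300);
    buf[300] = '\0';
    return buf;
}

/* Gate result for a request whose third line is the 300-byte header. */
static int demo_oversized_line(void)
{
    char req[512];
    snprintf(req, sizeof req, "GET /index.php HTTP/1.1\r\nHost: example.test\r\n"
             "%s: 1\r\n\r\n", long_name());
    return first_oversized_header(req, 255);
}

int main(void)
{
    cgi_name_unchecked("Host", 4);                     /* safe: short input */
    printf("unchecked: %s\n", last_name);
    printf("checked 300-byte name -> %d\n", cgi_name_checked(long_name(), 300));
    printf("benign request: %d, oversized request: line %d\n",
           first_oversized_header(BENIGN_REQ, 255), demo_oversized_line());
    return 0;
}
```

Build with any C99 compiler (gcc example.c). The demo never feeds the 300-byte name to cgi_name_unchecked: doing so is exactly the condition the advisory describes and corrupts the stack, which is the point the hardened variant's early return and the gate's line-length bound are there to prevent. A gate like first_oversized_header is a stopgap for a proxy in front of the server, not a substitute for the access restriction in the SOLUTION field or for a vendor fix.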
SOLUTION: Restrict access to trusted hosts only (e.g. via network access control lists).
PROVIDED AND/OR DISCOVERED BY: Kingcope
ORIGINAL ADVISORY: http://archives.neohapsis.com/archives/fulldisclosure/2010-12/0188.html
LiteSpeed Web Server HTTP Header Processing Buffer Overflow Vulnerability
Posted on Monday, December 20, 2010 @ 20:50:56 CST in Security