SECUNIA ADVISORY ID: SA36572

VERIFY ADVISORY: http://secunia.com/advisories/36572/

DESCRIPTION: Two vulnerabilities have been reported in LiteSpeed Web Server, which can be exploited by malicious users to compromise a vulnerable system and malicious people to cause a DoS (Denial of Service). The vulnerabilities are reported in version 3.3.19. Other versions may also be affected.

1) An unspecified error can be exploited to cause Lshttpd to enter an infinite loop.
2) An unspecified post-authentication error may be exploited to execute arbitrary code.

SOLUTION: Restrict access to services.

PROVIDED AND/OR DISCOVERED BY: Reportedly modules for VulnDisco Pack.

ORIGINAL ADVISORY: http://intevydis.com/vd-list.shtml