Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The server in LiteSpeed OpenLiteSpeed before 1.5.0 RC6 allows local users to cause a denial of service (buffer overflow) or possibly have unspecified other impact by creating a symlink through which the openlitespeed program can be invoked with a long command name (involving ../ characters), which is mishandled in the LshttpdMain::getServerRootFromExecutablePath function.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
LiteSpeed OpenLiteSpeed 缓冲区错误漏洞
Vulnerability Description
LiteSpeed OpenLiteSpeed是一款开源的轻量级HTTP服务器。 LiteSpeed OpenLiteSpeed 1.5.0 RC6之前版本中存在缓冲区溢出漏洞。本地攻击者可通过创建符号链接利用该漏洞造成拒绝服务。
CVSS Information
N/A
Vulnerability Type
N/A