2 matches found
CVE-2018-19792
The server in LiteSpeed OpenLiteSpeed before 1.5.0 RC6 allows local users to cause a denial of service buffer overflow or possibly have unspecified other impact by creating a symlink through which the openlitespeed program can be invoked with a long command name involving ../ characters, which is...
CVE-2018-19792
The vulnerability CVE-2018-19792 affects LiteSpeed OpenLiteSpeed before 1.5.0 RC6. A buffer overflow in the server path resolution (LshttpdMain::getServerRootFromExecutablePath) can be triggered by creating a symlink with a long command name (involving ../../) and allows a local attacker to cause...