LiteSpeed Web Server - Symlink Race Condition Vulnerability (R911-0083)
Type: Symlink Race Condition
Product: LiteSpeed Web Server
Vulnerable Version: 4.2.4
Fixed Version: 4.2.5
LiteSpeed Web Server (LSWS) is a high-performance Apache drop-in replacement. LSWS is the 4th most popular web server on the internet and the #1 commercial web server. Upgrading your web server to LiteSpeed Web Server will improve your performance and lower operating costs.
A malicious user can perform a carefully crafted symlink attack against LiteSpeed Web Server to obtain any file belonging to other customers on the same server. Using our unique symlink attack defeats all protection in the LiteSpeed Web Server in a matter of seconds.
Proof of Concept:
Due to the nature of this security flaw, we will not be posting a Proof of Concept until a much later date.
We have deemed this vulnerability to be rated as HIGH due to the fact that other user files may be accessible.
This vulnerability was tested against LiteSpeed Web Server v4.2.4 and is believed to exist in all prior versions.
This vulnerability was patched in LiteSpeed Web Server v4.2.5.