CVE-2018-19792
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
The server in LiteSpeed OpenLiteSpeed before 1.5.0 RC6 allows local users to cause a denial of service (buffer overflow) or possibly have unspecified other impact by creating a symlink through which the openlitespeed program can be invoked with a long command name (involving ../ characters), which is mishandled in the LshttpdMain::getServerRootFromExecutablePath function.
El servidor en LiteSpeed OpenLiteSpeed en versiones anteriores a la 1.5.0 RC6 permite que los usuarios locales provoquen una denegación de servicio (desbordamiento de búfer) o, posiblemente, otro impacto creando un enlace simbólico mediante el cual el programa openlitespeed puede ser invocado con un nombre de comando largo (incluyendo caracteres ../) que se manipula incorrectamente en la función LshttpdMain::getServerRootFromExecutablePath.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2018-12-03 CVE Reserved
- 2018-12-03 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-05 CVE Updated
- 2024-08-05 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|---|---|
| https://github.com/litespeedtech/openlitespeed/issues/117 | 2024-08-05 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Litespeedtech Search vendor "Litespeedtech" | Openlitespeed Search vendor "Litespeedtech" for product "Openlitespeed" | <= 1.4.41 Search vendor "Litespeedtech" for product "Openlitespeed" and version " <= 1.4.41" | - |
Affected
| ||||||
| Litespeedtech Search vendor "Litespeedtech" | Openlitespeed Search vendor "Litespeedtech" for product "Openlitespeed" | 1.5.0 Search vendor "Litespeedtech" for product "Openlitespeed" and version "1.5.0" | rc1 |
Affected
| ||||||
| Litespeedtech Search vendor "Litespeedtech" | Openlitespeed Search vendor "Litespeedtech" for product "Openlitespeed" | 1.5.0 Search vendor "Litespeedtech" for product "Openlitespeed" and version "1.5.0" | rc2 |
Affected
| ||||||
| Litespeedtech Search vendor "Litespeedtech" | Openlitespeed Search vendor "Litespeedtech" for product "Openlitespeed" | 1.5.0 Search vendor "Litespeedtech" for product "Openlitespeed" and version "1.5.0" | rc3 |
Affected
| ||||||
| Litespeedtech Search vendor "Litespeedtech" | Openlitespeed Search vendor "Litespeedtech" for product "Openlitespeed" | 1.5.0 Search vendor "Litespeedtech" for product "Openlitespeed" and version "1.5.0" | rc4 |
Affected
| ||||||
| Litespeedtech Search vendor "Litespeedtech" | Openlitespeed Search vendor "Litespeedtech" for product "Openlitespeed" | 1.5.0 Search vendor "Litespeedtech" for product "Openlitespeed" and version "1.5.0" | rc5 |
Affected
| ||||||