litespeed hacked?

[DanEZPZ]

I just had an email from George saying it's being looked in to and they'll post a fix later today if they're able to replicate it.

[cmanns]

Quote:

Originally Posted by DanEZPZ

I just had an email from George saying it's being looked in to and they'll post a fix later today if they're able to replicate it.

Now I like to hear that

[anewday]

Uh oh. So, there's only one mod_security rule?

Are there any serious bugs in 4.0.14? It still haven't been activated in the auto upgrader in the web console.

[DanEZPZ]

It also affects 4.0.11,12 and 13 so it's not just a .14 thing.

[cmanns]

Quote:

Originally Posted by anewday

Uh oh. So, there's only one mod_security rule?

Are there any serious bugs in 4.0.14? It still haven't been activated in the auto upgrader in the web console.

I've not had a single issue that I can point out that is with 4.0.14, I used 4.0.13 for a few days or so when we fire'd up LiteSpeed on our cpanel box may 29th and back around Feb, .14 just seemed better

[Lauren]

Hi,

4.0.15 for linux version has been built and ready for download.
http://www.litespeedtech.com/litespe...lease-log.html

please help test to confirm the issue is resolved. just go to download page and replace 4.0.14 with 4.0.15 in url.

Thanks,
Lauren

[anewday]

Thanks for the quick fix.

[DanEZPZ]

Installed and tested and it seems to work perfectly, no longer an issue

Thanks

[Lauren]

All platform builds have been updated.

If you are unable to upgrade at this moment, please add mod_security rules to block this exploit suggested by khunj on webhostingtalk

Quote:

Just add this to 'Request Filter' at the server level:

Name : NULLBYTE
Action: deny,log
Eabled: yes
Rules Definition: SecRule REQUEST_URI "\x00"

Restart LS.

4.1RC build will be updated later.

[AndrewT]

Upgraded all servers and it seems to resolve the issue. Though the web console now seems to think 4.0.13 is the latest and should be installed.