Openlitespeed Web Server 1.7.8 - Privilege Escalation Security Issue #217
Comments
Thanks for the bug report.
For my environment, there are two users ( And I send resetting request with "Graceful Restart" button.
We will block "sudo" group for "Run as group".
Thank you for response. I see what you mean. The Openliteserver is powerful over server.
Hi, could I share my findings? If you think to update or commit, I could wait it. @litespeedtech
We have fixed this on webadmin input and on server binary. It will be available in 1.7.9 release.
It has been fixed in 1.6.20 and 1.7.9 release.
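A defensive check for the condition discussed in this thread, as an added example (not code from OpenLiteSpeed or from any participant here): it reads the top-level `user` and `group` directives from server config text and flags a privileged run-as identity. The denylist, the function names and the sample config are assumptions constructed for illustration, and the input is assumed to be in OpenLiteSpeed's plain-text `httpd_config.conf` format.

```python
"""Audit OpenLiteSpeed server config text for a privileged run-as user/group.

Added example; the denylist and the sample configs are constructed assumptions.
"""

# Assumed denylist: groups that commonly grant root-equivalent or credential
# access on Linux. "sudo" and "shadow" are the two named in the issue.
PRIVILEGED_GROUPS = {"sudo", "shadow", "root", "wheel", "admin",
                     "adm", "disk", "docker", "lxd"}
PRIVILEGED_USERS = {"root"}


def top_level_directives(config_text):
    """Return {key: value} for directives that sit outside any { ... } block."""
    directives, depth = {}, 0
    for raw in config_text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop comments
        if not line:
            continue
        if line == "}":
            depth = max(depth - 1, 0)
            continue
        if depth == 0 and not line.endswith("{"):
            parts = line.split(None, 1)
            if len(parts) == 2:
                directives[parts[0].lower()] = parts[1].strip()
        if line.endswith("{"):
            depth += 1  # lines until the closing brace belong to a block
    return directives


def audit_run_as(config_text):
    """Return findings; an empty list means the run-as identity is unprivileged."""
    d = top_level_directives(config_text)
    user, group = d.get("user"), d.get("group")
    findings = []
    if user is None or group is None:
        findings.append("run-as user or group not set explicitly")
    if user is not None and (user.lower() in PRIVILEGED_USERS or user == "0"):
        findings.append(f"server runs as privileged user {user!r}")
    if group is not None and (group.lower() in PRIVILEGED_GROUPS or group == "0"):
        findings.append(f"server runs with privileged group {group!r}")
    return findings


# Constructed sample configs (not taken from the issue).
SAFE = ("serverName test\nuser nobody\ngroup nogroup\n"
        "errorlog logs/error.log {\n  logLevel DEBUG\n}\n")
TAMPERED = SAFE.replace("group nogroup", "group sudo")
```

Running `audit_run_as` over the live config after every admin-panel change, or from a file-integrity hook, surfaces a changed run-as group before the next restart applies it.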
Description
I found a way to escalate privileges on Ubuntu 18.04 via OpenLiteSpeed web server that runs with user(nobody):group(nogroup) privilege. According to this vulnerability, system user that has admin panel credentials can add himself to sudo group or shadow group (to read /etc/shadow file). So that the user can execute command with high privileges.
Proof of Concept