CVE-2007-5654
published 2007-10-23
Priority: P3 · 41 · medium · CVSS 2.0: 5
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
EXPLOIT
EPSS: 41.06% (98.5th percentile)
LiteSpeed Web Server before 3.2.4 allows remote attackers to trigger use of an arbitrary MIME type for a file via a "%00." sequence followed by a new extension, as demonstrated by reading PHP source code via requests for .php%00.txt files, aka "Mime Type Injection."
Affected
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| litespeed_technologies | litespeed_web_server | <= 3.2.3 | — |
Detection & IOCs (extracted from sources)
- Detect null-byte injection in URI paths targeting LiteSpeed Web Server: look for '%00.' followed by an alternate extension (e.g., .txt, .html) in HTTP requests to force MIME type confusion and disclose source files such as PHP scripts.
- Flag any HTTP request URI containing the literal string '%00' (URL-encoded null byte) as a potential MIME Type Injection attempt against LiteSpeed Web Server versions prior to 3.2.4.
- Vulnerability is specific to LiteSpeed Web Server versions before 3.2.4; patched in 3.2.4 and later.
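One way to apply the two checks above to web server access logs, as an added example that is not part of the source entry or any vendor rule. The combined log format, the sample lines and the function names are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit

# Request line inside a combined-format access log entry: "METHOD URI HTTP/x.y"
REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<uri>\S+) HTTP/[\d.]+"')
# "<real ext>%00.<forced ext>" in the path, e.g. the .php%00.txt case in the CVE text
INJECTION_RE = re.compile(r'\.(?P<real>[A-Za-z0-9]+)%00\.(?P<forced>[A-Za-z0-9]+)')

# Constructed sample log lines (documentation IP ranges), not real traffic.
SAMPLE_LOG = [
    '192.0.2.10 - - [23/Oct/2007:10:00:01 +0000] "GET /index.php HTTP/1.1" 200 512 "-" "-"',
    '198.51.100.7 - - [23/Oct/2007:10:00:02 +0000] "GET /index.php%00.txt HTTP/1.1" 200 2048 "-" "-"',
    '198.51.100.7 - - [23/Oct/2007:10:00:03 +0000] "GET /search?q=a%00b HTTP/1.1" 200 128 "-" "-"',
    '192.0.2.10 - - [23/Oct/2007:10:00:04 +0000] "GET /docs/100%25.txt HTTP/1.1" 200 64 "-" "-"',
]


def classify_uri(uri):
    """Classify one raw (still percent-encoded) request URI.

    Returns (verdict, detail); verdict is None when nothing matches.
    """
    path = urlsplit(uri).path  # urlsplit does not percent-decode
    m = INJECTION_RE.search(path)
    if m:
        # Specific pattern: extension, encoded NUL, then a second extension.
        return ("mime-type-injection", f"{m['real']} served as {m['forced']}")
    if "%00" in uri:
        # Broad rule: any encoded NUL anywhere in the URI, query included.
        return ("null-byte", "encoded NUL in URI")
    return (None, "")


def scan(lines):
    """Return (line_no, verdict, uri, detail) for every flagged log line."""
    findings = []
    for line_no, line in enumerate(lines, 1):
        m = REQUEST_RE.search(line)
        if not m:
            continue  # not a parseable request line
        verdict, detail = classify_uri(m["uri"])
        if verdict:
            findings.append((line_no, verdict, m["uri"], detail))
    return findings


if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(*finding, sep="\t")
```

The fourth sample line contains `00%25`, which is not an encoded null byte and is left unflagged.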
References
- http://osvdb.org/41867
- http://secunia.com/advisories/27302
- http://www.litespeedtech.com/latest/litespeed-web-server-3.2.4-released.html
- http://www.securityfocus.com/bid/26163
- https://exchange.xforce.ibmcloud.com/vulnerabilities/37380
- https://www.exploit-db.com/exploits/4556
Published: 2007-10-23