LiteSpeed Enterprise servers around the globe were targeted today by a surge of focused DDoS attacks.
Our tech support staff was alerted to the problem and quickly worked with our customers to gain access to one of the affected servers. Within an hour of gaining access we had identified the vulnerability and corrected it; the fix is released as LiteSpeed Enterprise 5.1.13.
LiteSpeed clients deploying LiteSpeed Enterprise should upgrade to 5.1.13 as soon as possible to close the DoS vulnerability.
The attack targeted a heap buffer overflow that was reachable only during logging, after the request itself had finished processing. The effect was to make the server spin for a while and then terminate unexpectedly, causing service disruption. To the best of our knowledge, the bug allowed no remote code execution and no root escalation, and no data was compromised.
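As an added illustration of the bug class described above, and not LiteSpeed's code or the actual 5.1.12 bug (whose specifics are not given here), the following hypothetical access-log formatter copies attacker-controlled request fields into a fixed-size heap buffer after the response has already been sent, beside a hardened version that measures the line first and bounds the write. LOG_BUF_SIZE, the function names and the sample request are all assumptions made for the example.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical fixed size of the per-request log buffer in the unsafe
 * version. Chosen for illustration; not a LiteSpeed value. */
#define LOG_BUF_SIZE 128

/* Vulnerable pattern: a fixed-size heap buffer filled with strcpy/strcat.
 * The request has already been answered, so nothing about the response
 * limits how long these attacker-controlled fields are. A User-Agent
 * longer than the remaining space writes past the end of the heap
 * allocation and corrupts allocator metadata or a neighbouring object,
 * which is what later makes the process spin or abort.
 * Only ever call this with short inputs; it exists to show the bug. */
char *unsafe_log_line(const char *client, const char *path, const char *ua)
{
    char *buf = malloc(LOG_BUF_SIZE);
    if (!buf)
        return NULL;
    strcpy(buf, client);
    strcat(buf, " \"");
    strcat(buf, path);
    strcat(buf, "\" \"");
    strcat(buf, ua);          /* no length check: heap overflow on a long ua */
    strcat(buf, "\"");
    return buf;
}

/* Bytes (excluding the NUL) that the formatted line needs:
 * client ' "' path '" "' ua '"' */
size_t log_line_len(const char *client, const char *path, const char *ua)
{
    return strlen(client) + 2 + strlen(path) + 3 + strlen(ua) + 1;
}

/* Would the unsafe version write past its LOG_BUF_SIZE allocation? */
int unsafe_would_overflow(const char *client, const char *path, const char *ua)
{
    return log_line_len(client, path, ua) + 1 > LOG_BUF_SIZE;
}

/* Hardened form: measure first, allocate exactly, and let snprintf
 * enforce the bound. Returns a malloc'd string the caller frees. */
char *safe_log_line(const char *client, const char *path, const char *ua)
{
    int need = snprintf(NULL, 0, "%s \"%s\" \"%s\"", client, path, ua);
    if (need < 0)
        return NULL;
    char *buf = malloc((size_t)need + 1);
    if (!buf)
        return NULL;
    snprintf(buf, (size_t)need + 1, "%s \"%s\" \"%s\"", client, path, ua);
    return buf;
}

/* Length of the line the safe formatter produces (frees it again). */
size_t safe_line_len(const char *client, const char *path, const char *ua)
{
    char *line = safe_log_line(client, path, ua);
    if (!line)
        return 0;
    size_t n = strlen(line);
    free(line);
    return n;
}

/* Constructed sample input: a 299-byte User-Agent of the kind a flood of
 * crafted requests would carry. Far larger than LOG_BUF_SIZE. */
const char *long_ua(void)
{
    static char buf[300];
    memset(buf, 'A', sizeof buf - 1);
    buf[sizeof buf - 1] = '\0';
    return buf;
}

int main(void)
{
    const char *client = "203.0.113.7";   /* constructed sample request */
    const char *path = "/index.html";

    /* Short input: both formatters agree. */
    char *u = unsafe_log_line(client, path, "curl/7.0");
    char *s = safe_log_line(client, path, "curl/7.0");
    printf("short: %s (same=%d)\n", s, strcmp(u, s) == 0);
    free(u);
    free(s);

    /* Long input: the unsafe version would overflow; the safe one just
     * produces a longer line. */
    printf("unsafe would overflow: %d\n",
           unsafe_would_overflow(client, path, long_ua()));
    printf("safe line length: %zu\n", safe_line_len(client, path, long_ua()));
    return 0;
}
```

Building with `-fsanitize=address` and calling unsafe_log_line with the long User-Agent reports the heap-buffer-overflow immediately, which is the quickest way to confirm a suspected post-response logging bug on a test box. The design point for defenders is that the overflow happens after the response is sent: the offending requests look like ordinary, successfully answered traffic in every layer except the one that crashes, so request filtering or rate limiting only reduces the hit rate, and the fixed build is the real remedy.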
LiteSpeed Technologies is committed to providing the highest levels of service to our clients and ensuring that their sites remain protected and available at all times.
Timeline of a DDoS Attack on LiteSpeed Servers
12:15 EST: first reports of service disruptions
12:45 EST: LiteSpeed tech support gains access to affected server
13:15 EST: LiteSpeed tech support deploys first fix build
13:40 EST: LiteSpeed tech support pushes bug fix build of 5.1.12
14:05 EST: LiteSpeed tech support releases 5.1.13