just now saw this... http://r00tsecurity.org/forums/topi...s-web-server-remote-poison-null-byte-exploit/
EDIT: That is new, Jesus, here we go again lol How litespeed is being cracked and more exploits are out there I am sure. We use litespeed but are currently looking into alternatives as we are paying customer with numerous licenses but we cannot get them to reply to simple support requests and when they do it is just to tell us their support costs money, then when we reply and send emails saying we know their support costs money and we need help, we dont care. they still dont reply!. So their support simply sucks and with such elementary programming mistakes and security issues we will probably try the next apache alternative that can read httpd.conf and .htaccess This was an old exploit too discovered by some defaced group in 2007 I think. I guess all they did was add a request filter to it