RaidenHTTPd < 1.1.31 Crafted Request Remote File Access

medium Nessus Network Monitor Plugin ID 2594

Synopsis

The remote host is vulnerable to a flaw that allows attackers to retrieve sensitive files or data.

Description

The remote host is running RaidenHTTPd. RaidenHTTPd is a web server that is designed for the Microsoft platform. This version of RaidenHTTPd is vulnerable to a flaw where an attacker can read any file on the web server by using the header 'Host: localhost'.

Solution

Upgrade to version 1.1.31 or higher.

Plugin Details

Severity: Medium

ID: 2594

Family: Web Servers

Published: 2/7/2005

Updated: 3/6/2019

Reference Information

BID: 12451

Detections

Analytics