RaidenHTTPD Remote File Disclosure Vulnerability
BID:12451
Info
| Bugtraq ID: | 12451 |
| Class: | Design Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Feb 05 2005 12:00AM |
| Updated: | Feb 05 2005 12:00AM |
| Credit: | Discovery of this vulnerability is credited to Donato Ferrante. |
| Vulnerable: | RaidenHTTPD RaidenHTTPD 1.1.27 |
| Not Vulnerable: | |
Discussion
RaidenHTTPD is reported prone to a remote file disclosure vulnerability. It is reported that the service does not correctly handle requests for restricted files that reside outside of the web document root folder.
A remote attacker may exploit this issue to disclose the contents of web server readable files.
Exploit / POC
The following proof of concept is available:
GET windows/system.ini HTTP/1.1
Host: localhost
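
The following is an added example, not RaidenHTTPD code and not part of the original advisory: a request-target check that refuses the request line above because its target is not in origin-form (it has no leading "/"), and confines every resolved path to the document root. It assumes nothing about RaidenHTTPD's internals; the function names, the document root path and the sample targets are constructed for illustration.

```python
import ntpath
from urllib.parse import unquote

# Assumed document root for illustration; the advisory does not give one.
DOC_ROOT = r"C:\RaidenHTTPD\htdocs"


def resolve_target(target, doc_root=DOC_ROOT):
    """Map an HTTP request target to a file under doc_root, or return None."""
    path = target.split("?", 1)[0]
    # Origin-form targets begin with "/". The advisory's proof-of-concept
    # target ("windows/system.ini") does not, so it is refused here.
    if not path.startswith("/"):
        return None
    decoded = unquote(path)
    # Refuse NUL bytes and ":" (drive letters, alternate data streams).
    if "\x00" in decoded or ":" in decoded:
        return None
    root = ntpath.normpath(doc_root)
    # Strip leading separators so the join cannot restart at the drive root,
    # then collapse "." and ".." segments before the containment check.
    candidate = ntpath.normpath(ntpath.join(root, decoded.lstrip("/\\")))
    if ntpath.commonpath([root, candidate]).lower() != root.lower():
        return None
    return candidate


def audit(targets, doc_root=DOC_ROOT):
    """Return (target, verdict) pairs for a list of request targets."""
    return [(t, "serve" if resolve_target(t, doc_root) else "refuse")
            for t in targets]


if __name__ == "__main__":
    # Constructed sample targets; the first is the one shown in the advisory.
    for target, verdict in audit(["windows/system.ini", "/index.html",
                                  "/%2e%2e/%2e%2e/windows/system.ini"]):
        print(f"{verdict:6}  {target}")
```

The same `audit` function can be run over request targets pulled from access logs to flag requests that a correctly confined server would never serve.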
Solution / Fix
Solution:
This vulnerability is addressed in RaidenHTTPD version 1.1.31.
RaidenHTTPD RaidenHTTPD 1.1.27
- RaidenHTTPD RaidenHTTPD 1.1.31: http://www.raidenhttpd.com/en/download.html
References
References:
- RaidenHTTPD Homepage (RaidenHTTPD)
- directory traversal in RaidenHTTPD 1.1.27 ("Donato Ferrante")