RaidenHTTPD Remote Script Disclosure Vulnerability
BID:16934
Info
RaidenHTTPD Remote Script Disclosure Vulnerability
| Bugtraq ID: | 16934 |
| Class: | Design Error |
| CVE: |
CVE-2006-0949 |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 03 2006 12:00AM |
| Updated: | Mar 08 2006 08:00AM |
| Credit: | Discovered by Tan Chew Keong, Secunia Research. |
| Vulnerable: |
RaidenHTTPD RaidenHTTPD 1.1.47 RaidenHTTPD RaidenHTTPD 1.1.34 RaidenHTTPD RaidenHTTPD 1.1.32 RaidenHTTPD RaidenHTTPD 1.1.27 |
| Not Vulnerable: |
RaidenHTTPD RaidenHTTPD 1.1.48 |
Discussion
RaidenHTTPD Remote Script Disclosure Vulnerability
RaidenHTTPD is prone to an information-disclosure vulnerability. An attacker may be able to obtain the source code of script files.
Scripts may contain sensitive information that an attacker may exploit in further attacks launched against the target computer.
RaidenHTTPD versions prior to 1.1.48 are vulnerable.
RaidenHTTPD is prone to an information-disclosure vulnerability. An attacker may be able to obtain the source code of script files.
Scripts may contain sensitive information that an attacker may exploit in further attacks launched against the target computer.
RaidenHTTPD versions prior to 1.1.48 are vulnerable.
Exploit / POC
RaidenHTTPD Remote Script Disclosure Vulnerability
This issue can be exploited with a web browser.
This issue can be exploited with a web browser.
Solution / Fix
RaidenHTTPD Remote Script Disclosure Vulnerability
Solution:
The vendor has reportedly released version 1.1.48 to address this issue. Please see references for more information.
RaidenHTTPD RaidenHTTPD 1.1.27
RaidenHTTPD RaidenHTTPD 1.1.32
RaidenHTTPD RaidenHTTPD 1.1.34
RaidenHTTPD RaidenHTTPD 1.1.47
Solution:
The vendor has reportedly released version 1.1.48 to address this issue. Please see references for more information.
RaidenHTTPD RaidenHTTPD 1.1.27
-
RaidenHTTPD RaidenHTTPD 1.1.48
http://www.raidenhttpd.com/en/download.html
RaidenHTTPD RaidenHTTPD 1.1.32
-
RaidenHTTPD RaidenHTTPD 1.1.48
http://www.raidenhttpd.com/en/download.html
RaidenHTTPD RaidenHTTPD 1.1.34
-
RaidenHTTPD RaidenHTTPD 1.1.48
http://www.raidenhttpd.com/en/download.html
RaidenHTTPD RaidenHTTPD 1.1.47
-
RaidenHTTPD RaidenHTTPD 1.1.48
http://www.raidenhttpd.com/en/download.html
References
RaidenHTTPD Remote Script Disclosure Vulnerability
References:
References:
- RaidenHTTPD Homepage (RaidenHTTPD)
- RaidenHTTPD Script Source Disclosure Vulnerability (Secunia)