RaidenHTTPD < 1.1.34 Multiple Remote Vulnerabilities

This script is Copyright (C) 2005-2011 Tenable Network Security, Inc.


Synopsis :

The remote server is vulnerable to several flaws.

Description :

The remote host is running RaidenHTTPD 1.1.33 or older.

Ther are various flaws in the remote version of this server which may
allow an attacker to disclose the source code of any PHP file hosted
on the remote server, or to execute arbitrary code on the remote with
the privileges of the remote server (usually SYSTEM).

Solution :

Upgrade to RaidenHTTPD 1.1.34 or newer.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 7.4
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: Web Servers

Nessus Plugin ID: 17243 ()

Bugtraq ID: 12688

CVE ID: