RaidenHTTPd < 1.1.31 Crafted Request Remote File Access
Medium Nessus Network Monitor Plugin ID 2594
SynopsisThe remote host is vulnerable to a flaw that allows attackers to retrieve sensitive files or data.
DescriptionThe remote host is running RaidenHTTPd. RaidenHTTPd is a web server that is designed for the Microsoft platform. This version of RaidenHTTPd is vulnerable to a flaw where an attacker can read any file on the web server by using the header 'Host: localhost'.
SolutionUpgrade to version 1.1.31 or higher.