Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

LogMeIn 'cfgadvanced.html' HTTP Header Injection

Medium

Synopsis

The remote host is affected by a HTTP header injection vulnerability.

Description

The remote host is a LogMeIn server awaiting remote connections. The installed version of LogMeIn is 4.0.784 or earlier. Such versions are reportedly affected by a HTTP header injection vulnerability. An attacker could exploit this in order to launch various attacks including cross-site scripting, and cross-site request forgery.

Solution

Disable this service if it is not needed.