Tenable Network Security
Solutions Products Nessus Demos Partners Online Store
Nessus
Download
Plugins
     Newest Plugins
     Obtain an activation code
     View all plugins
     Search
Documentation
Register
Buy Now
ProfessionalFeed Support
Bugs
All the Tenable Products

RaidenHTTPD check.php SoftParserFileXml Parameter Remote File Inclusion
This script is Copyright (C) 2006-2010 Tenable Network Security, Inc.

FamilyCGI abuses
Nessus Plugin ID22317 (raidenhttpd_softparserfilexml_file_include.nasl)
Bugtraq ID19918
CVE IDCVE-2006-4723

Description:
Synopsis :

The remote web server contains a PHP script that is susceptible to a
remote file include attack.

Description :

The remote host is running RaidenHTTPD, a web server for Windows.

The version of RaidenHTTPD on the remote host fails to sanitize
user-supplied input to the 'SoftParserFileXml' of the
'/raidenhttpd-admin/slice/check.php' script before using it to include
PHP code. An unauthenticated attacker may be able to exploit this
issue to view arbitrary files or to execute arbitrary PHP code on the
remote host, subject to the privileges of the user under which the
application runs, LOCAL SYSTEM by default.

See also :

http://milw0rm.com/exploits/2328

Solution :

Unknown at this time.

Risk factor :

Medium / CVSS Base Score : 5.1
(CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P)
About us | Whitepapers | Training | Discussion Forums | Support Portal | Blog | RSS feeds | Contact us | Legal | Privacy

© Copyright 2002 - 2010 Tenable Network Security(R). All Rights Reserved.

This is the web site for the Nessus Vulnerability Scanner from Tenable Network Security. If you are looking for the probabilistic analysis software from Southwest Research Institute, please visit www.nessus.swri.org