Key Vulnerability Information

Vulnerability types:
- CGI Source Code Disclosure Vulnerability
- Buffer Overflow Vulnerability

Affected software and version:
- RaidenHTTPD Server Version 1.1.32 (Shareware)

Vulnerability description:
1. CGI Source Code Disclosure:
   - RaidenHTTPD supports CGI scripts using PHP or PERL. Using a crafted URL, an attacker can obtain the source code of PHP scripts on the server.
2. Buffer Overflow:
   - A buffer overflow occurs when RaidenHTTPD processes an HTTP request with a URI longer than 524 characters, potentially allowing remote DoS or arbitrary code execution with LOCAL SYSTEM privileges.

Fixed version:
- Version 1.1.34 fixes these vulnerabilities.

Disclosure timeline:
- Vulnerability Discovered: 20 Feb 05
- Initial Vendor Notification: 22 Feb 05
- Initial Vendor Reply: 22 Feb 05
- Fixed Version 1.1.34 Released: 22 Feb 05
- Public Release: 01 Mar 05

Detail links:
- Advisory URL
- RaidenHTTPD Website
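
A detection check for the buffer overflow condition described above, as an added example that is not part of the original advisory: it scans access-log lines for request URIs longer than 524 characters. The Common Log Format layout, the sample lines and the function names are assumptions made for illustration.

```python
import re

# Threshold from the advisory: a URI longer than 524 characters triggers the overflow.
URI_LIMIT = 524

# Assumed log layout: Common Log Format, with the request line in double quotes.
REQUEST_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<req>[^"]*)"')
PROTO_RE = re.compile(r' HTTP/\d\.\d$')


def extract_uri(request_field):
    """Return the URI part of a logged request line such as 'GET /x HTTP/1.0'."""
    method, sep, rest = request_field.partition(" ")
    if not sep:
        # No method/URI separator: measure the whole field rather than skip it.
        return request_field
    # Drop a trailing protocol token if present; over-long requests may lack one.
    return PROTO_RE.sub("", rest)


def find_overlong_uris(lines, limit=URI_LIMIT):
    """Return (line_no, client_ip, uri_length) for every URI longer than limit."""
    hits = []
    for line_no, line in enumerate(lines, start=1):
        match = REQUEST_RE.match(line)
        if not match:
            continue  # not a request entry in the assumed format
        uri_len = len(extract_uri(match.group("req")))
        if uri_len > limit:
            hits.append((line_no, match.group("ip"), uri_len))
    return hits


# Constructed sample log lines (documentation IP addresses, not real traffic).
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Mar/2005:10:00:00 +0000] "GET /index.php HTTP/1.0" 200 512',
    '192.0.2.77 - - [01/Mar/2005:10:00:05 +0000] "GET /' + "A" * 600 + ' HTTP/1.0" 500 0',
    # Exactly 524 characters: at the limit, so not flagged.
    '192.0.2.10 - - [01/Mar/2005:10:00:09 +0000] "GET /' + "b" * 523 + ' HTTP/1.0" 200 90',
    'unparseable line',
]

if __name__ == "__main__":
    for line_no, ip, length in find_overlong_uris(SAMPLE_LOG):
        print(f"line {line_no}: {ip} sent a {length}-character URI (limit {URI_LIMIT})")
```

Hits against a server still running version 1.1.32 warrant upgrading to 1.1.34 and reviewing the host for crashes or unexpected processes around the logged time.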