Nostromo nhttpd Webserver Directory Traversal Vulnerability

Summary
The host is running Nostromo nhttpd web server and is prone to directory traversal vulnerability.
Impact
Successful exploitation will allow attackers to perform directory traversal attacks and read arbitrary files on the affected application. Impact Level: Application
Solution
Upgrade to Nostromo nhttpd to 1.9.4 or later, For updates refer to http://www.nazgul.ch/dev_nostromo.html
Insight
The flaw is due to an error in validating '%2f..' sequences in the URI causing attackers to read arbitrary files.
Affected
Nostromo nhttpd Version prior to 1.9.4
References