Lucene search

[email protected]CVE-1999-0947

HistoryNov 02, 1999 - 5:00 a.m.

CVE-1999-0947

1999-11-0205:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

an-httpd

cgi scripts

remote attack

command execution

shell metacharacters.

7.6 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.022 Low

EPSS

Percentile

89.3%

JSON

AN-HTTPd provides example CGI scripts test.bat, input.bat, input2.bat, and envout.bat, which allow remote attackers to execute commands via shell metacharacters.

CPENameOperatorVersion
an:an-httpdan an-httpdeq1.2b

CPE	Name	Operator	Version
an:an-httpd	an an-httpd	eq	1.2b

References

marc.info/?l=bugtraq&m=94157187815629&w=2

www.securityfocus.com/bid/762

7.6 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.022 Low

EPSS

Percentile

89.3%

JSON

Related for CVE-1999-0947

nessus1