Lucene search

[email protected]CVE-2006-1598

HistoryApr 03, 2006 - 5:04 p.m.

CVE-2006-1598

2006-04-0317:04:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2006-1598

httpd

security vulnerability

source code disclosure

crafted requests

7.7 High

AI Score

Confidence

Low

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:N/A:N

0.012 Low

EPSS

Percentile

84.7%

JSON

AN HTTPD 1.42n, and possibly other versions before 1.42p, allows remote attackers to obtain source code of scripts via crafted requests with (1) dot and (2) space characters in the file extension.

CPENameOperatorVersion
an:an-httpdan an-httpdeq1.41c
an:an-httpdan an-httpdeq1.38
an:an-httpdan an-httpdeq1.40
an:an-httpdan an-httpdle1.42n
an:an-httpdan an-httpdeq1.2b
an:an-httpdan an-httpdeq1.39
an:an-httpdan an-httpdeq1.41
an:an-httpdan an-httpdeq1.41b

CPE	Name	Operator	Version
an:an-httpd	an an-httpd	eq	1.41c
an:an-httpd	an an-httpd	eq	1.38
an:an-httpd	an an-httpd	eq	1.40
an:an-httpd	an an-httpd	le	1.42n
an:an-httpd	an an-httpd	eq	1.2b
an:an-httpd	an an-httpd	eq	1.39
an:an-httpd	an an-httpd	eq	1.41
an:an-httpd	an an-httpd	eq	1.41b

References

secunia.com/advisories/19326

secunia.com/secunia_research/2006-21/advisory

securitytracker.com/id?1015858

www.osvdb.org/24323

www.securityfocus.com/archive/1/429667/100/0/threaded

www.securityfocus.com/bid/17350

www.vupen.com/english/advisories/2006/1200

exchange.xforce.ibmcloud.com/vulnerabilities/25591

7.7 High

AI Score

Confidence

Low

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:N/A:N

0.012 Low

EPSS

Percentile

84.7%

JSON

Related for CVE-2006-1598

prion1