33 matches found
EUVD-2005-1089
Malware in sbrugna...
EUVD-2005-1090
Malware in sbrugna...
CVE-2002-1930
Buffer overflow in AN HTTPd 1.38 through 1.4.1c allows remote attackers to execute arbitrary code via a SOCKS4 request with a long username...
CVE-1999-0947
AN-HTTPd provides example CGI scripts test.bat, input.bat, input2.bat, and envout.bat, which allow remote attackers to execute commands via shell metacharacters...
AN HTTPD Detection
Checks whether AN HTTPD is present on the target system and if so, tries to figure out the installed version. Copyright C 2019 Greenbone Networks GmbH SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it under the terms of the GNU Gener...
AN-HTTPd 1.2 b CGI Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/762/info Certain versions of the AN-HTTPd server contain default CGI scripts that allow code to be executed remotely. This is due to poor sanity checking on user supplied data...
CVE-2002-1930
Buffer overflow in AN HTTPd 1.38 through 1.4.1c allows remote attackers to execute arbitrary code via a SOCKS4 request with a long username...
CVE-2002-1930
CVE-2002-1930 : Red Hat and other sources confirm a buffer overflow in AN HTTPd versions 1.38–1.4.1c that allows remote attackers to execute arbitrary code via a SOCKS4 request with a long username. The available descriptions identify the affected product and the input vector but do not provide a...
CVE-2005-1086
Buffer overflow in the cmdIS.DLL plugin for AN HTTPD Server 1.42n allows remote attackers to execute arbitrary code via an HTTP request with a long User-Agent header...
CVE-2005-1087
CRLF injection vulnerability in the cmdIS.DLL plugin for AN HTTPD Server 1.42n allows remote attackers to spoof or hide entries in the logfile, and possibly read files using an injected type command, via CRLF sequences in an HTTP request...
CVE-2005-1087
The CVE-2005-1087 entry concerns the AN HTTPD Server 1.42n, specifically the cmdIS.DLL plugin . It describes a CRLF injection vulnerability triggered by CRLF sequences in an HTTP request, enabling remote attackers to spoof or hide logfile entries and potentially read files via an injected type co...
CVE-2005-1086
The CVE-2005-1086 entry concerns AN HTTPD Server 1.42n, specifically the cmdIS.DLL plugin. The issue is a buffer overflow in the plugin when processing an HTTP request with a long User-Agent header, enabling remote code execution. The available documents identify the vulnerable component and caus...
CVE-2005-1086
Buffer overflow in the cmdIS.DLL plugin for AN HTTPD Server 1.42n allows remote attackers to execute arbitrary code via an HTTP request with a long User-Agent header...
Multiple AN HTTPD Web Server vulnerabilities
Buffer overflows, crossite scripting...
AN HTTPD - 'CMDIS.dll' Remote Buffer Overflow (PoC)
source: https://www.securityfocus.com/bid/13066/info AN HTTPD is reported prone to a remote buffer overflow vulnerability. Specifically, the issue presents itself in 'cmdIS.DLL' which calls the 'GetEnvironmentStrings' function to copy environment variables into a finite sized process buffer. The...
CVE-2005-1087
CRLF injection vulnerability in the cmdIS.DLL plugin for AN HTTPD Server 1.42n allows remote attackers to spoof or hide entries in the logfile, and possibly read files using an injected type command, via CRLF sequences in an HTTP request...
AN HTTPd Sample Script File Truncation
Product Description AN HTTPd is a relatively small, powerful web server designed for Windows systems. It supports ISAPI, CGI, SSI, and several other powerful technologies such as isolated worker processes usually only seen in production servers. More information on AN HTTPd is available at...
AN HTTPD 1.x - Count.pl Directory Traversal
source: https://www.securityfocus.com/bid/7397/info AN HTTPd contains a sample script named count.pl that may be used as a web counter. This script does not perform adequate access validation on paths containing directory traversal ../ character seqences. The vulnerable script may be used to...
ANHTTPd.txt
Product Description AN HTTPd is a relatively small, powerful web server designed for Windows systems. It supports ISAPI, CGI, SSI, and several other powerful technologies such as isolated worker processes usually only seen in production servers. More information on AN HTTPd is available at...
AN HTTPD 1.41 e - Cross-Site Scripting
source: https://www.securityfocus.com/bid/6529/info AN HTTPD does not adequately filter HTML code thus making it prone to cross-site scripting attacks. It is possible for a remote attacker to create a malicious link containing script code which will be executed in the browser of a legitimate user...