Lucene search
K

33 matches found

Exploit DB
Exploit DB
added 2003/01/06 12:0 a.m.27 views

AN HTTPD 1.41 e - Cross-Site Scripting

source: https://www.securityfocus.com/bid/6529/info AN HTTPD does not adequately filter HTML code thus making it prone to cross-site scripting attacks. It is possible for a remote attacker to create a malicious link containing script code which will be executed in the browser of a legitimate user...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2003/01/05 12:0 a.m.30 views

AN HTTPd v.1.41e: DoS, CSS, real patch attack

Damage Hacking Group security advisory www.dhgroup.org Product: AN HTTPd server Authors: www.st.rim.or.jp Vulnerability: DoS, CSS, 'real patch' attack Overview-------------------------------------------------------------- This is Japanez http-server for win32-platforms. U can download it from...

0.4AI score
Exploits0
securityvulns
securityvulns
added 2002/10/29 12:0 a.m.32 views

Crossite scripting in AN HTTPD

AN HTTPD shows an error page if a client sends a request containing ":" in the URI field. The problem occurs due to the fact that this URI is injected into the error page without being sanitized...

0.4AI score
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2002/10/29 12:0 a.m.26 views

[SNS Advisory No.57] AN HTTPD Cross-site Scripting Vulnerability

---------------------------------------------------------------------- SNS Advisory No.57 AN HTTPD Cross-site Scripting Vulnerability Problem first discovered: Wed, 23 Oct 2002 Published: Mon, 28 Oct 2002 Reference: http://www.lac.co.jp/security/english/snsadve/57e.html...

Exploits0
Packet Storm
Packet Storm
added 2002/10/22 12:0 a.m.19 views

anhttpd141c_exploit.java

Advisory Information -------------------- Name : AN HTTPD Vendor Homepage : http://www.st.rim.or.jp/nakata/ Platforms : Windows9x/Me/NT/2000/XP Vulnerability Type : stack overflow very easy to exploit Vendor Contacted : 17/10/2002 Vendor Replied : 20/10/2002 Vulnerable Versions : 1.30 to 1.41c No...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2002/10/21 12:0 a.m.20 views

AN HTTPD 1.381.391.401.41 - SOCKS4 Buffer Overflow

AN HTTPD 1.381.391.401.41 - SOCKS4 Buffer Overflow source: https://www.securityfocus.com/bid/6012/info A buffer overflow vulnerability has been reported for AN HTTPD. The vulnerability is due to insufficient bounds checking of usernames for SOCKS4 requests. When AN HTTPD acts as a SOCKS4 server, ...

1.1AI score
Exploits0
Exploit DB
Exploit DB
added 2002/10/21 12:0 a.m.25 views

AN HTTPD 1.38/1.39/1.40/1.41 - 'SOCKS4' Buffer Overflow

source: https://www.securityfocus.com/bid/6012/info A buffer overflow vulnerability has been reported for AN HTTPD. The vulnerability is due to insufficient bounds checking of usernames for SOCKS4 requests. When AN HTTPD acts as a SOCKS4 server, it handles user names in an unsafe manner. An...

7.4AI score
Exploits0
CVE
CVE
added 2000/01/04 5:0 a.m.56 views

CVE-1999-0947

AN-HTTPd server is affected by a remote command execution risk due to default CGI scripts test.bat, input.bat, input2.bat, and ssi/envout.bat that allow shell metacharacters. Exploitation would enable an attacker to run arbitrary commands on the remote host. The vulnerability details are drawn fr...

7.5CVSS7.3AI score0.03159EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2000/01/04 5:0 a.m.25 views

CVE-1999-0947

AN-HTTPd provides example CGI scripts test.bat, input.bat, input2.bat, and envout.bat, which allow remote attackers to execute commands via shell metacharacters...

7.3AI score0.03159EPSS
Exploits0References2
Packet Storm
Packet Storm
added 1999/11/05 12:0 a.m.27 views

ex_anhttpd.txt

by Message by Thread Post Reply To: BugTraq Subject: Some holes for Win/UNIX softwares Date: Tue Nov 02 1999 22:39:56 Author: UNYUN Message-ID: ------------------------------------------------------------------------ 3 AN-HTTPd 1.20b Problem: The test CGIs which are distributed with AN-HTTPd 1.20...

7.4AI score
Exploits0
NVD
NVD
added 1999/11/02 5:0 a.m.15 views

CVE-1999-0947

AN-HTTPd provides example CGI scripts test.bat, input.bat, input2.bat, and envout.bat, which allow remote attackers to execute commands via shell metacharacters...

7.5CVSS7.3AI score0.03159EPSS
Exploits0References2
exploitpack
exploitpack
added 1999/11/02 12:0 a.m.9 views

AN-HTTPd 1.2b - CGI s

AN-HTTPd 1.2b - CGI s source: https://www.securityfocus.com/bid/762/info Certain versions of the AN-HTTPd server contain default CGI scripts that allow code to be executed remotely. This is due to poor sanity checking on user supplied data. http://www.xxx.yy/cgi-bin/input.bat?|dir....\windows...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 1999/11/02 12:0 a.m.39 views

AN-HTTPd Multiple Test CGIs Arbitrary Command Execution

The remote web server is an AN-HTTPD server which contains default CGI scripts. At least one of these CGIs is installed on the remote server : cgi-bin/test.bat cgi-bin/input.bat cgi-bin/input2.bat ssi/envout.bat It is possible to misuse them to make the remote server execute arbitrary commands...

7.5CVSS5.6AI score0.03159EPSS
Exploits0References1
Rows per page
Query Builder