Lucene search
K

11 matches found

NVD
NVD
added 2007/12/17 6:46 p.m.34 views

CVE-2007-6405

Sergey Lyubka Simple HTTPD shttpd 1.38 and earlier on Windows allows remote attackers to download arbitrary CGI programs or scripts via a URI with an appended 1 '+' character, 2 '.' character, 3 %2e sequence hex-encoded dot, or 4 hex-encoded character greater than 0x7f. NOTE: the %20 vector is...

6.4CVSS6.6AI score0.02675EPSS
Exploits1References7
CVE
CVE
added 2007/12/17 6:0 p.m.49 views

CVE-2007-6405

CVE-2007-6405 affects Sergey Lyubka’s Simple HTTPD (shttpd) 1.38 and earlier on Windows. The issue allows remote attackers to obtain or download arbitrary CGI programs/scripts by sending a URI with special trailing characters: a plus sign (+), a dot (.), %2e (hex-encoded dot), or a hex-encoded ch...

6.4CVSS6.8AI score0.02675EPSS
Exploits1References7Affected Software1
Cvelist
Cvelist
added 2007/12/17 6:0 p.m.32 views

CVE-2007-6405

Sergey Lyubka Simple HTTPD shttpd 1.38 and earlier on Windows allows remote attackers to download arbitrary CGI programs or scripts via a URI with an appended 1 '+' character, 2 '.' character, 3 %2e sequence hex-encoded dot, or 4 hex-encoded character greater than 0x7f. NOTE: the %20 vector is...

6.6AI score0.02675EPSS
Exploits1References7
CVE
CVE
added 2007/12/17 6:0 p.m.39 views

CVE-2007-6404

Affected software: Sergey Lyubka Simple HTTPD (shttpd) 1.38 and earlier on Windows. The vulnerability is a directory traversal in the URI (..) that enables remote attackers to read arbitrary files. The underlying issue is improper normalization of path traversal in shttpd’s request handling. Impa...

5CVSS6.7AI score0.02739EPSS
Exploits1References7Affected Software1
Prion
Prion
added 2007/12/13 7:46 p.m.19 views

Design/Logic Flaw

Sergey Lyubka Simple HTTPD shttpd 1.3 on Windows allows remote attackers to cause a denial of service via a request that includes an MS-DOS device name, as demonstrated by the /aux URI...

5CVSS7.1AI score0.07251EPSS
Exploits1References4Affected Software1
NVD
NVD
added 2007/12/13 7:46 p.m.17 views

CVE-2007-6326

Sergey Lyubka Simple HTTPD shttpd 1.3 on Windows allows remote attackers to cause a denial of service via a request that includes an MS-DOS device name, as demonstrated by the /aux URI...

5CVSS6.6AI score0.07251EPSS
Exploits1References4
Cvelist
Cvelist
added 2007/12/13 7:0 p.m.21 views

CVE-2007-6326

Sergey Lyubka Simple HTTPD shttpd 1.3 on Windows allows remote attackers to cause a denial of service via a request that includes an MS-DOS device name, as demonstrated by the /aux URI...

6.6AI score0.07251EPSS
Exploits1References4
CVE
CVE
added 2007/06/26 6:0 p.m.73 views

CVE-2007-3407

CVE-2007-3407 affects Sergey Lyubka Simple HTTPD (shttpd) 1.38 and earlier. It allows remote attackers to disclose script source code by sending a URI with a trailing encoded space (%20), causing information disclosure. The root cause is improper handling of a trailing %20 in the request. The con...

5CVSS6AI score0.08426EPSS
Exploits2References6Affected Software1
NVD
NVD
added 2006/10/10 4:6 a.m.9 views

CVE-2006-5216

Stack-based buffer overflow in Sergey Lyubka Simple HTTPD shttpd 1.34 allows remote attackers to execute arbitrary code via a long URI...

7.5CVSS8.1AI score0.63331EPSS
Exploits3References8
CVE
CVE
added 2006/10/09 9:0 p.m.40 views

CVE-2006-5216

SHTTPD

7.5CVSS8.1AI score0.63331EPSS
Exploits3References8Affected Software1
Cvelist
Cvelist
added 2006/10/09 9:0 p.m.20 views

CVE-2006-5216

Stack-based buffer overflow in Sergey Lyubka Simple HTTPD shttpd 1.34 allows remote attackers to execute arbitrary code via a long URI...

8.1AI score0.63331EPSS
Exploits3References8
Rows per page
Query Builder