5 matches found
CVE-2006-1598
Summary: CVE-2006-1598 affects AN HTTPD 1.42n and possibly earlier versions (before 1.42p). Vulnerability: Remote attackers can obtain the source code of scripts by sending crafted requests that exploit specific dot and space characters in the file extension. Impact: Information disclosure (confi...
CVE-1999-0947
AN-HTTPd server is affected by a remote command execution risk due to default CGI scripts test.bat, input.bat, input2.bat, and ssi/envout.bat that allow shell metacharacters. Exploitation would enable an attacker to run arbitrary commands on the remote host. The vulnerability details are drawn fr...
CVE-2002-1930
CVE-2002-1930 : Red Hat and other sources confirm a buffer overflow in AN HTTPd versions 1.38–1.4.1c that allows remote attackers to execute arbitrary code via a SOCKS4 request with a long username. The available descriptions identify the affected product and the input vector but do not provide a...
CVE-2005-1086
The CVE-2005-1086 entry concerns AN HTTPD Server 1.42n, specifically the cmdIS.DLL plugin. The issue is a buffer overflow in the plugin when processing an HTTP request with a long User-Agent header, enabling remote code execution. The available documents identify the vulnerable component and caus...
CVE-2005-1087
The CVE-2005-1087 entry concerns the AN HTTPD Server 1.42n, specifically the cmdIS.DLL plugin . It describes a CRLF injection vulnerability triggered by CRLF sequences in an HTTP request, enabling remote attackers to spoof or hide logfile entries and potentially read files via an injected type co...