Lucene search
K
AnAn-httpd

5 matches found

CVE
CVE
added 2006/04/03 5:0 p.m.85 views

CVE-2006-1598

Summary: CVE-2006-1598 affects AN HTTPD 1.42n and possibly earlier versions (before 1.42p). Vulnerability: Remote attackers can obtain the source code of scripts by sending crafted requests that exploit specific dot and space characters in the file extension. Impact: Information disclosure (confi...

7.8CVSS6.9AI score0.01895EPSS
CVE
CVE
added 2000/01/04 5:0 a.m.56 views

CVE-1999-0947

AN-HTTPd server is affected by a remote command execution risk due to default CGI scripts test.bat, input.bat, input2.bat, and ssi/envout.bat that allow shell metacharacters. Exploitation would enable an attacker to run arbitrary commands on the remote host. The vulnerability details are drawn fr...

7.5CVSS7.3AI score0.03159EPSS
CVE
CVE
added 2005/06/28 4:0 a.m.56 views

CVE-2002-1930

CVE-2002-1930 : Red Hat and other sources confirm a buffer overflow in AN HTTPd versions 1.38–1.4.1c that allows remote attackers to execute arbitrary code via a SOCKS4 request with a long username. The available descriptions identify the affected product and the input vector but do not provide a...

7.5CVSS8.3AI score0.05463EPSS
CVE
CVE
added 2005/04/13 4:0 a.m.51 views

CVE-2005-1086

The CVE-2005-1086 entry concerns AN HTTPD Server 1.42n, specifically the cmdIS.DLL plugin. The issue is a buffer overflow in the plugin when processing an HTTP request with a long User-Agent header, enabling remote code execution. The available documents identify the vulnerable component and caus...

6.4CVSS8.4AI score0.05566EPSS
CVE
CVE
added 2005/04/13 4:0 a.m.47 views

CVE-2005-1087

The CVE-2005-1087 entry concerns the AN HTTPD Server 1.42n, specifically the cmdIS.DLL plugin . It describes a CRLF injection vulnerability triggered by CRLF sequences in an HTTP request, enabling remote attackers to spoof or hide logfile entries and potentially read files via an injected type co...

6.4CVSS7.4AI score0.02288EPSS