An-httpd Security Vulnerabilities and Issues — An-httpd CVE List

Lucene search

AnAn-httpd

5 matches found

CVE•added 2006/04/03 5:4 p.m.•73 views

CVE-2006-1598

AN HTTPD 1.42n, and possibly other versions before 1.42p, allows remote attackers to obtain source code of scripts via crafted requests with (1) dot and (2) space characters in the file extension.

7.8CVSS6.9AI score0.00835EPSS

CVE•added 2000/01/04 5:0 a.m.•44 views

CVE-1999-0947

AN-HTTPd provides example CGI scripts test.bat, input.bat, input2.bat, and envout.bat, which allow remote attackers to execute commands via shell metacharacters.

7.5CVSS7.3AI score0.05383EPSS

CVE•added 2005/06/28 4:0 a.m.•44 views

CVE-2002-1930

Buffer overflow in AN HTTPd 1.38 through 1.4.1c allows remote attackers to execute arbitrary code via a SOCKS4 request with a long username.

7.5CVSS8.3AI score0.10942EPSS

CVE•added 2005/05/02 4:0 a.m.•37 views

CVE-2005-1086

Buffer overflow in the cmdIS.DLL plugin for AN HTTPD Server 1.42n allows remote attackers to execute arbitrary code via an HTTP request with a long User-Agent header.

6.4CVSS8.4AI score0.07164EPSS

CVE•added 2005/04/13 4:0 a.m.•35 views

CVE-2005-1087

CRLF injection vulnerability in the cmdIS.DLL plugin for AN HTTPD Server 1.42n allows remote attackers to spoof or hide entries in the logfile, and possibly read files using an injected type command, via CRLF sequences in an HTTP request.

6.4CVSS7.4AI score0.04248EPSS