Vulnerabilities > CVE-1999-0947 - Unspecified vulnerability in AN An-Httpd 1.2B
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
AN-HTTPd provides example CGI scripts test.bat, input.bat, input2.bat, and envout.bat, which allow remote attackers to execute commands via shell metacharacters.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description | AN-HTTPd 1.2 b CGI Vulnerabilities. CVE-1999-0947. Remote exploit for windows platform |
id | EDB-ID:19587 |
last seen | 2016-02-02 |
modified | 1999-11-02 |
published | 1999-11-02 |
reporter | UNYUN |
source | https://www.exploit-db.com/download/19587/ |
title | AN-HTTPd 1.2 b CGI Vulnerabilities |
Nessus
NASL family | CGI abuses |
NASL id | AN_HTTPD_CGIS.NASL |
description | The remote web server is an AN-HTTPD server which contains default CGI scripts. At least one of these CGIs is installed on the remote server : cgi-bin/test.bat cgi-bin/input.bat cgi-bin/input2.bat ssi/envout.bat It is possible to misuse them to make the remote server execute arbitrary commands. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 10016 |
published | 1999-11-02 |
reporter | This script is Copyright (C) 1999-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/10016 |
title | AN-HTTPd Multiple Test CGIs Arbitrary Command Execution |
code |
|