Vulnerabilities > AN

DATE CVE VULNERABILITY TITLE RISK
2006-04-03 CVE-2006-1598 Unspecified vulnerability in AN An-Httpd
AN HTTPD 1.42n, and possibly other versions before 1.42p, allows remote attackers to obtain source code of scripts via crafted requests with (1) dot and (2) space characters in the file extension.
network
low complexity
an
7.8
2005-05-02 CVE-2005-1086 Remote Buffer Overflow vulnerability in AN An-Httpd 1.42N
Buffer overflow in the cmdIS.DLL plugin for AN HTTPD Server 1.42n allows remote attackers to execute arbitrary code via an HTTP request with a long User-Agent header.
network
low complexity
an
6.4
2005-04-07 CVE-2005-1087 Unspecified vulnerability in AN An-Httpd 1.42N
CRLF injection vulnerability in the cmdIS.DLL plugin for AN HTTPD Server 1.42n allows remote attackers to spoof or hide entries in the logfile, and possibly read files using an injected type command, via CRLF sequences in an HTTP request.
network
low complexity
an
6.4
2003-12-31 CVE-2003-1271 Cross-Site Scripting vulnerability in AN An-Http 1.41E
Cross-site scripting vulnerability (XSS) in AN HTTP 1.41e allows remote attackers to execute arbitrary web script or HTML as other users via a URL containing the script.
network
an
4.3
2003-12-31 CVE-2003-1270 Denial-Of-Service vulnerability in AN An-Http 1.41E
AN HTTP 1.41e allows remote attackers to cause a denial of service (borken pipe) via an HTTP request to aux.cgi with a long argument, possibly triggering a buffer overflow or MS-DOS device vulnerability.
network
low complexity
an
5.0
2003-12-31 CVE-2003-1269 Buffer Overflow vulnerability in AN An-Http 1.41E
AN HTTP 1.41e allows remote attackers to obtain the root web server path via an HTTP request with a long argument to a script, which leaks the path in an error message.
network
low complexity
an
5.0
2002-12-31 CVE-2002-1930 Buffer Overflow vulnerability in AN HTTPD Malformed SOCKS4 Request
Buffer overflow in AN HTTPd 1.38 through 1.4.1c allows remote attackers to execute arbitrary code via a SOCKS4 request with a long username.
network
low complexity
an
7.5
1999-11-02 CVE-1999-0947 Unspecified vulnerability in AN An-Httpd 1.2B
AN-HTTPd provides example CGI scripts test.bat, input.bat, input2.bat, and envout.bat, which allow remote attackers to execute commands via shell metacharacters.
network
low complexity
an
7.5