Vulnerabilities > AN > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-05-02 | CVE-2005-1086 | Remote Buffer Overflow vulnerability in AN An-Httpd 1.42N Buffer overflow in the cmdIS.DLL plugin for AN HTTPD Server 1.42n allows remote attackers to execute arbitrary code via an HTTP request with a long User-Agent header. | 6.4 |
| 2005-04-07 | CVE-2005-1087 | Unspecified vulnerability in AN An-Httpd 1.42N CRLF injection vulnerability in the cmdIS.DLL plugin for AN HTTPD Server 1.42n allows remote attackers to spoof or hide entries in the logfile, and possibly read files using an injected type command, via CRLF sequences in an HTTP request. | 6.4 |
| 2003-12-31 | CVE-2003-1271 | Cross-Site Scripting vulnerability in AN An-Http 1.41E Cross-site scripting vulnerability (XSS) in AN HTTP 1.41e allows remote attackers to execute arbitrary web script or HTML as other users via a URL containing the script. network an | 4.3 |
| 2003-12-31 | CVE-2003-1270 | Denial-Of-Service vulnerability in AN An-Http 1.41E AN HTTP 1.41e allows remote attackers to cause a denial of service (borken pipe) via an HTTP request to aux.cgi with a long argument, possibly triggering a buffer overflow or MS-DOS device vulnerability. | 5.0 |
| 2003-12-31 | CVE-2003-1269 | Buffer Overflow vulnerability in AN An-Http 1.41E AN HTTP 1.41e allows remote attackers to obtain the root web server path via an HTTP request with a long argument to a script, which leaks the path in an error message. | 5.0 |