CVE-2005-1087

EPSS 4.25%
Published 07.04.2005 04:00:00
Last modified 03.04.2025 01:03:51
Source cve@mitre.org
Teams watchlist Login
Open Login

CRLF injection vulnerability in the cmdIS.DLL plugin for AN HTTPD Server 1.42n allows remote attackers to spoof or hide entries in the logfile, and possibly read files using an injected type command, via CRLF sequences in an HTTP request.

Affected products Warnungen 0 Metrics 2 CWE 0 References 8

Data is provided by the National Vulnerability Database (NVD)

An ≫ An-httpd Version1.42n

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	4.25%	0.877

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	6.4	10	4.9	AV:N/AC:L/Au:N/C:P/I:P/A:N

http://secunia.com/advisories/14861

Vendor Advisory

http://securitytracker.com/id?1013666

Vendor Advisory

http://www.osvdb.org/15362

Vendor Advisory

http://www.security.org.sg/vuln/anhttpd142n.html

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/20031

https://nvd.nist.gov/vuln/detail/CVE-2005-1087

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2005-1087

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2005-1087

EUVD