CVE-2005-1087

EPSS 4.25%
Veröffentlicht 07.04.2005 04:00:00
Zuletzt bearbeitet 03.04.2025 01:03:51
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

CRLF injection vulnerability in the cmdIS.DLL plugin for AN HTTPD Server 1.42n allows remote attackers to spoof or hide entries in the logfile, and possibly read files using an injected type command, via CRLF sequences in an HTTP request.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 8

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

An ≫ An-httpd Version1.42n

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	4.25%	0.877

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	6.4	10	4.9	AV:N/AC:L/Au:N/C:P/I:P/A:N

http://secunia.com/advisories/14861

Vendor Advisory

http://securitytracker.com/id?1013666

Vendor Advisory

http://www.osvdb.org/15362

Vendor Advisory

http://www.security.org.sg/vuln/anhttpd142n.html

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/20031

https://nvd.nist.gov/vuln/detail/CVE-2005-1087

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2005-1087

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2005-1087

EUVD