7.8

CVE-2006-1598

AN HTTPD 1.42n, and possibly other versions before 1.42p, allows remote attackers to obtain source code of scripts via crafted requests with (1) dot and (2) space characters in the file extension.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
AnAn-httpd Version <= 1.42n
AnAn-httpd Version1.2b
AnAn-httpd Version1.38
AnAn-httpd Version1.39
AnAn-httpd Version1.40
AnAn-httpd Version1.41
AnAn-httpd Version1.41b
AnAn-httpd Version1.41c
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.9% 0.769
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 10 6.9
AV:N/AC:L/Au:N/C:C/I:N/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/19326
Patch
Vendor Advisory
http://secunia.com/secunia_research/2006-21/advisory
Vendor Advisory
http://securitytracker.com/id?1015858
http://www.osvdb.org/24323
http://www.securityfocus.com/archive/1/429667/100/0/threaded
http://www.securityfocus.com/bid/17350
Patch
http://www.vupen.com/english/advisories/2006/1200
https://exchange.xforce.ibmcloud.com/vulnerabilities/25591