本頁列出影響 an an-httpd 的已公開 CVE 漏洞(透過 NVD CPE 關聯)。每列包含嚴重程度評分、摘要與發布日期,便於識別與分析安全議題。
| CVE | 摘要 | 來源 | 最高 CVSS | EPSS % | 公開時間 | 更新時間 |
|---|---|---|---|---|---|---|
| CVE-2006-1598 | AN HTTPD 1.42n, and possibly other versions before 1.42p, allows remote attackers to obtain source code of scripts via crafted requests with (1) dot and (2) space characters in the file extension. | [email protected] | 7.8 | 1.90% | 2006-04-03 | 2026-06-16 |
| CVE-2005-1086 | Buffer overflow in the cmdIS.DLL plugin for AN HTTPD Server 1.42n allows remote attackers to execute arbitrary code via an HTTP request with a long User-Agent header. | [email protected] | 6.4 | 5.57% | 2005-05-02 | 2026-06-16 |
| CVE-2005-1087 | CRLF injection vulnerability in the cmdIS.DLL plugin for AN HTTPD Server 1.42n allows remote attackers to spoof or hide entries in the logfile, and possibly read files using an injected type command, via CRLF sequences in an HTTP request. | [email protected] | 6.4 | 2.29% | 2005-04-07 | 2026-06-16 |
| CVE-2002-1930 | Buffer overflow in AN HTTPd 1.38 through 1.4.1c allows remote attackers to execute arbitrary code via a SOCKS4 request with a long username. | [email protected] | 7.5 | 5.46% | 2002-12-31 | 2026-06-16 |
| CVE-1999-0947 | AN-HTTPd provides example CGI scripts test.bat, input.bat, input2.bat, and envout.bat, which allow remote attackers to execute commands via shell metacharacters. | [email protected] | 7.5 | 3.16% | 1999-11-02 | 2026-06-16 |