Описание
AN HTTPD 1.42n, and possibly other versions before 1.42p, allows remote attackers to obtain source code of scripts via crafted requests with (1) dot and (2) space characters in the file extension.
Ссылки
- PatchVendor Advisory
- Vendor Advisory
- Patch
- PatchVendor Advisory
- Vendor Advisory
- Patch
Уязвимые конфигурации
Конфигурация 1Версия до 1.42n (включая)
Одно из
cpe:2.3:a:an:an-httpd:*:*:*:*:*:*:*:*
cpe:2.3:a:an:an-httpd:1.2b:*:*:*:*:*:*:*
cpe:2.3:a:an:an-httpd:1.38:*:*:*:*:*:*:*
cpe:2.3:a:an:an-httpd:1.39:*:*:*:*:*:*:*
cpe:2.3:a:an:an-httpd:1.40:*:*:*:*:*:*:*
cpe:2.3:a:an:an-httpd:1.41:*:*:*:*:*:*:*
cpe:2.3:a:an:an-httpd:1.41b:*:*:*:*:*:*:*
cpe:2.3:a:an:an-httpd:1.41c:*:*:*:*:*:*:*
EPSS
Процентиль: 74%
0.00835
Низкий
7.8 High
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
AN HTTPD 1.42n, and possibly other versions before 1.42p, allows remote attackers to obtain source code of scripts via crafted requests with (1) dot and (2) space characters in the file extension.
EPSS
Процентиль: 74%
0.00835
Низкий
7.8 High
CVSS2
Дефекты
NVD-CWE-Other