Vulnerability Description
AN HTTPD 1.42n, and possibly other versions before 1.42p, allows remote attackers to obtain source code of scripts via crafted requests with (1) dot and (2) space characters in the file extension.
CVSS Score
7.8
HIGH
AV:N/AC:L/Au:N/C:C/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| An | An-Httpd | <= 1.42n |
References
- http://secunia.com/advisories/19326PatchVendor Advisory
- http://secunia.com/secunia_research/2006-21/advisoryVendor Advisory
- http://securitytracker.com/id?1015858
- http://www.osvdb.org/24323
- http://www.securityfocus.com/archive/1/429667/100/0/threaded
- http://www.securityfocus.com/bid/17350Patch
- http://www.vupen.com/english/advisories/2006/1200
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25591
- http://secunia.com/advisories/19326PatchVendor Advisory
- http://secunia.com/secunia_research/2006-21/advisoryVendor Advisory
- http://securitytracker.com/id?1015858
- http://www.osvdb.org/24323
- http://www.securityfocus.com/archive/1/429667/100/0/threaded
- http://www.securityfocus.com/bid/17350Patch
- http://www.vupen.com/english/advisories/2006/1200
FAQ
What is CVE-2006-1598?
CVE-2006-1598 is a vulnerability with a CVSS score of 7.8 (HIGH). AN HTTPD 1.42n, and possibly other versions before 1.42p, allows remote attackers to obtain source code of scripts via crafted requests with (1) dot and (2) space characters in the file extension.
How severe is CVE-2006-1598?
CVE-2006-1598 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-1598?
Check the references section above for vendor advisories and patch information. Affected products include: An An-Httpd.