CVSS: 5.0EPSS: 3%CPEs: 1EXPL: 3CVE-2007-6326 – Simple HTTPd 1.41 - '/aux' Remote Denial of Service
https://notcve.org/view.php?id=CVE-2007-6326
Sergey Lyubka Simple HTTPD (shttpd) 1.3 on Windows allows remote attackers to cause a denial of service via a request that includes an MS-DOS device name, as demonstrated by the /aux URI. Sergey Lyubka Simple HTTPD (shttpd) 1.3 en Windows permite a atacantes remotos provocar una denegación de servicio mediante una petición que incluye un nombre de dispositivo MS-DOS, como ha sido demostrado por el URI /aux. • https://www.exploit-db.com/exploits/4717 http://shinnai.altervista.org/exploits/txt/TXT_8kXDua0a0Tl5Vm5LU3ms.html http://www.securityfocus.com/bid/26813 https://exchange.xforce.ibmcloud.com/vulnerabilities/38980 • CWE-20: Improper Input Validation •
CVSS: 5.0EPSS: 2%CPEs: 1EXPL: 2CVE-2007-3407 – SHTTPD 1.38 - Filename Parse Error Information Disclosure
https://notcve.org/view.php?id=CVE-2007-3407
Sergey Lyubka Simple HTTPD (shttpd) 1.38 allows remote attackers to obtain sensitive information (script source code) via a URL with a trailing encoded space (%20). Sergey Lyubka Simple HTTPD (shttpd) 1.38 permite a atacantes remotos obtener información sensible (código fuente de secuencias de comandos) mediante un URL con un rastro de espacio codificado (%20). • https://www.exploit-db.com/exploits/30229 http://osvdb.org/37732 http://secunia.com/advisories/25809 http://securityreason.com/securityalert/2832 http://www.securityfocus.com/archive/1/472190/100/0/threaded http://www.securityfocus.com/bid/24618 https://exchange.xforce.ibmcloud.com/vulnerabilities/35038 •
CVSS: 7.5EPSS: 94%CPEs: 1EXPL: 2CVE-2006-5216 – SHTTPD 1.34 - 'POST' Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2006-5216
Stack-based buffer overflow in Sergey Lyubka Simple HTTPD (shttpd) 1.34 allows remote attackers to execute arbitrary code via a long URI. Desbordamiento de búfer basado en pila en Sergey Lyubka Simple HTTPD (shttpd) 1.34 permite a atacantes remotos ejecutar código de su elección mediante un URI (Identificador Uniforme de Recurso) largo. • https://www.exploit-db.com/exploits/2482 https://www.exploit-db.com/exploits/16759 http://exploitlabs.com/files/advisories/EXPL-A-2006-005-shttpd.txt http://lists.grok.org.uk/pipermail/full-disclosure/2006-October/050146.html http://secunia.com/advisories/22294 http://securitytracker.com/id?1017088 http://www.securityfocus.com/bid/20393 http://www.vupen.com/english/advisories/2006/3939 https://exchange.xforce.ibmcloud.com/vulnerabilities/29368 •