Unrated severityNVD Advisory· Published Apr 3, 2006· Updated Apr 16, 2026

CVE-2006-1598

Description

AN HTTPD 1.42n, and possibly other versions before 1.42p, allows remote attackers to obtain source code of scripts via crafted requests with (1) dot and (2) space characters in the file extension.

Affected products

An/An Httpd8 versions
cpe:2.3:a:an:an-httpd:*:*:*:*:*:*:*:*+ 7 more
- cpe:2.3:a:an:an-httpd:*:*:*:*:*:*:*:*range: <=1.42n
- cpe:2.3:a:an:an-httpd:1.2b:*:*:*:*:*:*:*
- cpe:2.3:a:an:an-httpd:1.38:*:*:*:*:*:*:*
- cpe:2.3:a:an:an-httpd:1.39:*:*:*:*:*:*:*
- cpe:2.3:a:an:an-httpd:1.40:*:*:*:*:*:*:*
- cpe:2.3:a:an:an-httpd:1.41:*:*:*:*:*:*:*
- cpe:2.3:a:an:an-httpd:1.41b:*:*:*:*:*:*:*
- cpe:2.3:a:an:an-httpd:1.41c:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/19326nvdPatchVendor Advisory
www.securityfocus.com/bid/17350nvdPatch
secunia.com/secunia_research/2006-21/advisorynvdVendor Advisory
securitytracker.com/idnvd
www.osvdb.org/24323nvd
www.securityfocus.com/archive/1/429667/100/0/threadednvd
www.vupen.com/english/advisories/2006/1200nvd
exchange.xforce.ibmcloud.com/vulnerabilities/25591nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000