VYPR

Httpdx

by Jasper

CVEs (6)

  • CVE-2009-3711Oct 16, 2009
    risk 0.08cvss epss 0.64

    Stack-based buffer overflow in the h_handlepeer function in http.cpp in httpdx 1.4, and possibly 1.4.3, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP GET request.

  • CVE-2009-4769Apr 20, 2010
    risk 0.06cvss epss 0.38

    Multiple format string vulnerabilities in the tolog function in httpdx 1.4, 1.4.5, 1.4.6, 1.4.6b, and 1.5 allow (1) remote attackers to execute arbitrary code via format string specifiers in a GET request to the HTTP server component when logging is enabled, and allow (2) remote…

  • CVE-2009-4531Dec 31, 2009
    risk 0.04cvss epss 0.07

    httpdx 1.4.4 and earlier allows remote attackers to obtain the source code for a web page by appending a . (dot) character to the URI.

  • CVE-2009-3663Oct 11, 2009
    risk 0.04cvss epss 0.15

    Format string vulnerability in the h_readrequest function in http.c in httpdx Web Server 1.4 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via format string specifiers in the Host header.

  • CVE-2024-0419Jan 11, 2024
    risk 0.00cvss epss 0.01

    A vulnerability was found in Jasper httpdx up to 1.5.4 and classified as problematic. This issue affects some unknown processing of the component HTTP POST Request Handler. The manipulation leads to denial of service. The attack may be initiated remotely. The exploit has been…

  • CVE-2009-4770Apr 20, 2010
    risk 0.00cvss epss 0.01

    The FTP server component in httpdx 1.4, 1.4.5, 1.4.6, 1.4.6b, and 1.5 has a default password of pass123 for the moderator account, which makes it easier for remote attackers to obtain privileged access.