CVE-1999-1417

CVSS 2.0 Score 7.5 of 10 (high)

Details

Published Aug 23, 1998

Updated: Nov 20, 2024

Summary

CVE-1999-1417 is a format string vulnerability affecting the AnswerBook2 (AB2) web server version 3.1a4 of dwhttpd. Malicious actors can exploit this issue by sending specially crafted HTTP requests containing encoded % characters. The server improperly logs these requests, allowing attackers to trigger a denial of service and potentially execute arbitrary commands. This vulnerability poses a serious threat, as it can lead to unauthorized system access and data manipulation.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/NWlXIA
https://www.cve.org/CVERecord?id=CVE-1999-1417
https://nvd.nist.gov/vuln/detail/CVE-1999-1417

Back to Vulnerability Database

CVE-1999-1417

CVSS 2.0 Score 7.5 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations