Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

Appweb Web Server Denial Of Service

🗓️ 28 Mar 2015 00:00:00Reported by Matthew DaleyType 
packetstorm
 packetstorm🔗 packetstormsecurity.com👁 52 Views

Appweb Web Server Denial Of Service due to HTTP Range Heade

Related
Code
ReporterTitlePublishedViews
Family
CNVD		Embedthis Software Appweb Denial of Service Vulnerability
1 Apr 201500:00
cnvd
CVE		CVE-2014-9708
31 Mar 201500:00
cve
Cvelist		CVE-2014-9708
31 Mar 201500:00
cvelist
EUVD		EUVD-2014-9515
7 Oct 202500:30
euvd
NVD		CVE-2014-9708
31 Mar 201514:59
nvd
OpenVAS		Palo Alto PAN-OS DoS Vulnerability (PAN-SA-2016-0027)
6 Jan 201700:00
openvas
OpenVAS		Embedthis Appweb Web Server Remote Denial of Service Vulnerability
1 Apr 201500:00
openvas
Oracle		Oracle Critical Patch Update - July 2016
19 Jul 201600:00
oracle
Palo Alto Networks		Web interface denial of service
11 Oct 201619:00
paloalto
Palo Alto Networks		Web interface denial of service
11 Oct 201619:00
paloalto
Rows per page
`Affected software: Appweb Web Server  
CVE ID: CVE-2014-9708  
  
Description: An HTTP request with a Range header of the form "Range:  
x=," (ie. with an empty range value) will cause a null pointer  
dereference, leading to a remotely-triggerable DoS.  
  
Fixed versions: 4.6.6, 5.2.1  
Bug entry: https://github.com/embedthis/appweb/issues/413  
Fix: https://github.com/embedthis/appweb/commit/7e6a925f5e86a19a7934a94bbd6959101d0b84eb#diff-7ca4d62c70220e0e226e7beac90c95d9L17348  
Reported by: Matthew Daley  
  
- Matthew Daley  
`

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
28 Mar 2015 00:00Current
9.5High risk
Vulners AI Score9.5
EPSS0.0451
appweb web serverdenial of servicehttp requestrange headercve-2014-9708null pointer dereferenceremotely-triggerablefixed versionsbug entryfixgithubreported by matthew daley
52