FAT32 directory auth bypass on Linux Abyssws < 1.2

Luigi Auriemma Application: Abyss webserver http://www.aprelium.com Versions: minors than 1.2 Platforms: Linux version only Bug: Bypassing of password protected folders authorization on FAT32 filesystems Risk: medium but rarely users use Linux to run a webserver on a FAT32 partition Exploitation:...

Abyss webserver FAT partition protection bypass

Under linux, it's possible to access protected located on FAT partition by appending dot to filename...

Abyss Webserver multiple bugs

Buffer overflow, HTTP reply spoofing...

Aprelium Abyss Webserver DoS

Incomplete Connection: and Range: headers cause server to crash...

Abyss X1 1.1.2 remote crash

Application: Abyss Webserver http://www.aprelium.com Versions: X1 v 1.1.2 Platform: Windows and Linux Bug: Crash caused by the reading of an unreacheable memory zone Risk: Remote crash Author: Auriemma Luigi e-mail: [email protected] web: http://www.pivx.com/luigi/ 1 Introduction 2 Bug 3 The Code 4...

abyss.txt

Application: Abyss Webserver http://www.aprelium.com Versions: X1 v 1.1.2 Platform: Windows and Linux Bug: Crash caused by the reading of an unreacheable memory zone Risk: Remote crash Author: Auriemma Luigi e-mail: [email protected] web: http://www.pivx.com/luigi/ 1 Introduction 2 Bug 3 The Code 4...

Abyss WebServer Brute Force Vulnerability

Abyss WebServer Brute Force Vulnerability Package: Abyss WebServer Vendor Web Site: http://www.aprelium.com Versions: All versions = v1.1.2 Platforms: Linux, Windows Local: No Remote: Yes Fix Available: Nofix in progress Vendor Contacted: Sunday, February 09, 2003 6:12 PM Advisory Author: thomas...

Abyss 1.0.3 directory traversal and administration bugs

Auriemma Luigi, PivX security advisory Application: Abyss webserver http://www.aprelium.com Version: 1.0.3 patch 2 and previous, both Windows and Linux, patch 2 fix the administration bug Bug: Directory traversal and administration bugs Risk high: An attacker can view every file in the remote...