27 matches found
CVE-2003-1363
The remote web management interface of Aprelium Technologies Abyss Web Server 1.1.2 and earlier does not log connection attempts to the web management port 9999, which allows remote attackers to mount brute force attacks on the administration console without detection...
EUVD-2003-1328
Malware in sbrugna...
EUVD-2003-1327
Malware in sbrugna...
EUVD-2003-1354
Malware in sbrugna...
EUVD-2021-26659
Malware in sbrugna...
CVE-2003-1338
CRLF injection vulnerability in Aprelium Abyss Web Server 1.1.2 and earlier allows remote attackers to inject arbitrary HTTP headers and possibly conduct HTTP Response Splitting attacks via CRLF sequences in the Location header...
Aprelium Abyss Web Server Out-of-Bounds Read Vulnerability
Aprelium Abyss Web Server is a web server from the Tunisian company Aprelium. A security vulnerability exists in Aprelium Abyss Web Server X1 version 2.12.1 and version 2.14, which can be exploited by an attacker to potentially cause an out-of-bounds read via an HTTP request, which could result i...
CVE-2021-3328
An issue was discovered in Aprelium Abyss Web Server X1 2.12.1 and 2.14. A crafted HTTP request can lead to an out-of-bounds read that crashes the application...
Out-of-bounds
An issue was discovered in Aprelium Abyss Web Server X1 2.12.1 and 2.14. A crafted HTTP request can lead to an out-of-bounds read that crashes the application...
CVE-2021-3328
An issue was discovered in Aprelium Abyss Web Server X1 2.12.1 and 2.14. A crafted HTTP request can lead to an out-of-bounds read that crashes the application...
CVE-2021-3328
The CVE-2021-3328 entry concerns Aprelium Abyss Web Server X1 versions 2.12.1 and 2.14. Affected component: the HTTP request handling in Abyss Web Server X1. Root cause: a crafted HTTP request can trigger an out-of-bounds read, which can crash the application. Impact is described as a crash; no f...
aprelium.com Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-1155749 Security Researcher k0t Helped patch 2151 vulnerabilities Received 9 Coordinated Disclosure badges Received 98 recommendations , a holder of 9 badges for responsible and coordinated disclosure, found a security vulnerability affecting aprelium.com website and its...
Abyss Web Server Detection (HTTP)
Detection of Abyss Web Server. The script sends a connection request to the server and attempts to detect Abyss Web Server and to extract its version. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respecti...
Abyss httpd crash
It was possible to kill the web server by sending empty HTTP fields namely Connection: and Range:. SPDX-FileCopyrightText: 2008 Renaud Deraison Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...
CVE-2003-1363
The CVE affects Aprelium Technologies Abyss Web Server 1.1.2 and earlier, where the remote web management interface on port 9999 fails to log connection attempts. This lack of logging can enable remote brute-force attacks against the administration console without detection. The available connect...
CVE-2003-1363
The remote web management interface of Aprelium Technologies Abyss Web Server 1.1.2 and earlier does not log connection attempts to the web management port 9999, which allows remote attackers to mount brute force attacks on the administration console without detection...
CVE-2003-1364
Summary: CVE-2003-1364 affects Aprelium Technologies Abyss Web Server (likely 1.1.2 and possibly older before 1.1.4). A remote attacker can cause a denial of service (server crash) by sending an HTTP GET request with empty headers in the Connection or Range fields. The OpenVAS/Nessus entries corr...
CVE-2003-1364
Aprelium Technologies Abyss Web Server 1.1.2, and possibly other versions before 1.1.4, allows remote attackers to cause a denial of service crash via an HTTP GET message with empty 1 Connection or 2 Range fields...
CVE-2003-1338
The CVE-2003-1338 entry documents a CRLF injection vulnerability in Aprelium Abyss Web Server
CVE-2003-1337
CVE-2003-1337 affects Aprelium Abyss Web Server 1.1.2 and earlier, with a heap-based buffer overflow triggered by a long HTTP GET request that could allow remote code execution. Affected versions are supported by sources noting vulnerabilities in versions earlier than 1.1.6; remediation is upgrad...