17 matches found
EUVD-2021-26659
Malware in sbrugna...
EUVD-2003-1328
Malware in sbrugna...
EUVD-2003-1327
Malware in sbrugna...
CVE-2003-1338
CRLF injection vulnerability in Aprelium Abyss Web Server 1.1.2 and earlier allows remote attackers to inject arbitrary HTTP headers and possibly conduct HTTP Response Splitting attacks via CRLF sequences in the Location header...
Aprelium Abyss Web Server Out-of-Bounds Read Vulnerability
Aprelium Abyss Web Server is a web server from the Tunisian company Aprelium. A security vulnerability exists in Aprelium Abyss Web Server X1 version 2.12.1 and version 2.14, which can be exploited by an attacker to potentially cause an out-of-bounds read via an HTTP request, which could result i...
CVE-2021-3328
An issue was discovered in Aprelium Abyss Web Server X1 2.12.1 and 2.14. A crafted HTTP request can lead to an out-of-bounds read that crashes the application...
Out-of-bounds
An issue was discovered in Aprelium Abyss Web Server X1 2.12.1 and 2.14. A crafted HTTP request can lead to an out-of-bounds read that crashes the application...
CVE-2021-3328
The CVE-2021-3328 entry concerns Aprelium Abyss Web Server X1 versions 2.12.1 and 2.14. Affected component: the HTTP request handling in Abyss Web Server X1. Root cause: a crafted HTTP request can trigger an out-of-bounds read, which can crash the application. Impact is described as a crash; no f...
CVE-2021-3328
An issue was discovered in Aprelium Abyss Web Server X1 2.12.1 and 2.14. A crafted HTTP request can lead to an out-of-bounds read that crashes the application...
Abyss httpd crash
It was possible to kill the web server by sending empty HTTP fields namely Connection: and Range:. SPDX-FileCopyrightText: 2008 Renaud Deraison Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...
CVE-2003-1338
The CVE-2003-1338 entry documents a CRLF injection vulnerability in Aprelium Abyss Web Server
CVE-2003-1337
CVE-2003-1337 affects Aprelium Abyss Web Server 1.1.2 and earlier, with a heap-based buffer overflow triggered by a long HTTP GET request that could allow remote code execution. Affected versions are supported by sources noting vulnerabilities in versions earlier than 1.1.6; remediation is upgrad...
CVE-2003-1338
CRLF injection vulnerability in Aprelium Abyss Web Server 1.1.2 and earlier allows remote attackers to inject arbitrary HTTP headers and possibly conduct HTTP Response Splitting attacks via CRLF sequences in the Location header...
CVE-2003-1337
Heap-based buffer overflow in Aprelium Abyss Web Server 1.1.2 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request...
CVE-2002-0543
The vulnerability affects Aprelium Abyss Web Server (abyssws) prior to version 1.0.0.2. It is a directory traversal flaw that allows remote attackers to read files outside the web root by supplying URL-encoded .. sequences in the HTTP request, potentially exposing sensitive files such as abyss.co...
CVE-2002-0543
Directory traversal vulnerability in Aprelium Abyss Web Server abyssws before 1.0.0.2 allows remote attackers to read files outside the web root, including the abyss.conf file, via URL-encoded .. dot dot sequences in the HTTP request...
CVE-2002-0544
CVE-2002-0544 affects Aprelium Abyss Web Server (abyssws) before 1.0.3. The administrative console password is stored in plaintext in the abyss.conf file, allowing local users who can access the file to gain privileges. The connected documents provide the vulnerability description but do not spec...