Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-1364

Overview

Vulnerability Score 8.5 8.5
CVE Id CVE-2003-1364
Last Modified 05 Sep 2008 04:36:44
Published 31 Dec 2003 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2003-1364

Summary

Aprelium Technologies Abyss Web Server 1.1.2, and possibly other versions before 1.1.4, allows remote attackers to cause a denial of service (crash) via an HTTP GET message with empty (1) Connection or (2) Range fields.

Vulnerable Systems

Application

  • Aprelium Technologies Abyss Web Server 1.1.2


References

BID - 7287

XF - abyss-http-get-dos(11718)

BUGTRAQ - 20030405 Abyss X1 1.1.2 remote crash


Last Updated: 27 May 2016 10:38:20