MidnightBSD

Advisories for ada

CVE-2004-1887 MEDIUM

Ada Image Server (ImgSvr) 0.4 allows remote attackers to view directories or download files via an HTTP request with a trailing %00 (null).

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ada imgsvr 0.4
CVE-2004-2463 HIGH

Buffer overflow in ADA Image Server (ImgSvr) 0.4 allows remote attackers to cause a denial of service (web server crash) or execute arbitrary code via a long GET request.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ada imgsvr 0.4
CVE-2004-2464 MEDIUM

Directory traversal vulnerability in ADA Image Server (ImgSvr) 0.4 allows remote attackers to read arbitrary files or list directories via hex-encoded "..//" sequences ("%2e%2e%2f%2f"). NOTE: it was later reported that 0.6.21 and earlier is also affected.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ada imgsvr 0.4
CVE-2006-3546 MEDIUM

Patrice Freydiere ImgSvr (aka ADA Image Server) allows remote attackers to cause a denial of service (daemon crash) via a long HTTP POST request. NOTE: this might be the same issue as CVE-2004-2463.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ada imgsvr 0.6.5
CVE-2024-9410

Ada.cx's Sentry configuration allowed for blind server-side request forgeries (SSRF) through the use of a data scraping endpoint.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
vulnreport@tenable.com 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N 3.9 1.4

Products Affected

Vendor Product Version
ada ada *