MidnightBSD

Advisories for mbedthis_software

CVE-2004-2213 MEDIUM

Mbedthis AppWeb HTTP server before 1.1.3 allows remote attackers to obtain the source code for scripts via a (1) trailing dot (".") or (2) trailing space in an HTTP request.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mbedthis_software mbedthis_appweb_http_server 1.0.2
mbedthis_software mbedthis_appweb_http_server 1.0
mbedthis_software mbedthis_appweb_http_server 1.1.1
mbedthis_software mbedthis_appweb_http_server 1.0.4
mbedthis_software mbedthis_appweb_http_server 1.1.2
mbedthis_software mbedthis_appweb_http_server 1.1
mbedthis_software mbedthis_appweb_http_server 1.0.3
mbedthis_software mbedthis_appweb_http_server 1.0.1
CVE-2004-2315 MEDIUM

Mbedthis AppWeb HTTP server before 1.0.2 allows remote attackers to cause a denial of service (crash) via an empty OPTIONS request.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mbedthis_software mbedthis_appweb_http_server 1.0
mbedthis_software mbedthis_appweb_http_server 1.0.1
CVE-2004-2317 MEDIUM

Information leak in Mbedthis AppWeb HTTP server 1.0 through 1.1.2 allows remote attackers to obtain sensitive information via a user message that is generated when Mbedthis denies access.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mbedthis_software mbedthis_appweb_http_server 1.0.2
mbedthis_software mbedthis_appweb_http_server 1.0
mbedthis_software mbedthis_appweb_http_server 1.1.1
mbedthis_software mbedthis_appweb_http_server 1.0.4
mbedthis_software mbedthis_appweb_http_server 1.1.2
mbedthis_software mbedthis_appweb_http_server 1.1
mbedthis_software mbedthis_appweb_http_server 1.0.3
mbedthis_software mbedthis_appweb_http_server 1.0.1