Monkey HTTPd improper input validation vulnerability
| census ID: | census-2009-0004 |
| Affected Products: | Monkey web server versions ≤ 0.9.2. |
| Class: | Improper Input Validation (CWE-20), Incorrect Calculation (CWE-682) |
| Remote: | Yes |
| Discovered by: | Patroklos Argyroudis |
We have discovered a remotely exploitable “improper input validation” vulnerability in the Monkey web server that allows an attacker to perform denial of service attacks by repeatedly crashing worker threads that process HTTP requests.
read more...