Articles with tag: Imporper Input Validation
POSTED BY: Patroklos Argyroudis / 14.12.2009

Monkey HTTPd improper input validation vulnerability

CENSUS ID:CENSUS-2009-0004
Affected Products:Monkey web server versions ≤ 0.9.2.
Class:Improper Input Validation (CWE-20), Incorrect Calculation (CWE-682)
Remote:Yes
Discovered by:Patroklos Argyroudis

We have discovered a remotely exploitable “improper input validation” vulnerability in the Monkey web server that allows an attacker to perform denial of service attacks by repeatedly crashing worker threads that process HTTP requests.