Monkey HTTP Server 0.4/0.5 Invalid POST Request Denial of Service Vulnerability

2002-11-02T00:00:00
ID EDB-ID:21981
Type exploitdb
Reporter anonymous
Modified 2002-11-02T00:00:00

Description

Monkey HTTP Server 0.4/0.5 Invalid POST Request Denial Of Service Vulnerability. CVE-2002-1663. Dos exploit for windows platform

                                        
                                            source: http://www.securityfocus.com/bid/6096/info

A denial of service vulnerability has been reported for Monkey HTTP server. The vulnerability is due to inadequate checks being performed when decoding POST requests.

An attacker can exploit this vulnerability by issuing a POST request with an invalid Content-Length header, or without a Content-Length value. When the server attempts to service the request, it will crash and lead to the denial of service condition. 

POST / HTTP/1.1
Host: 127.0.0.1:2001
Content-Length: 1