The get_real_string function in Monkey HTTP Daemon ...
Moderate severity
Unreviewed
Published
Apr 29, 2022
to the GitHub Advisory Database
•
Updated Jan 30, 2023
Description
Published by the National Vulnerability Database
Nov 23, 2004
Published to the GitHub Advisory Database
Apr 29, 2022
Last updated
Jan 30, 2023
The get_real_string function in Monkey HTTP Daemon (monkeyd) 0.8.1 and earlier allows remote attackers to cause a denial of service (crash) via an HTTP request with a sequence of "%" characters and a missing Host field.
References