AI Score
Confidence
High
EPSS
Percentile
94.7%
The get_real_string function in Monkey HTTP Daemon (monkeyd) 0.8.1 and earlier allows remote attackers to cause a denial of service (crash) via an HTTP request with a sequence of “%” characters and a missing Host field.
aluigi.altervista.org/poc/monkeydos.zip
marc.info/?l=bugtraq&m=107652610506968&w=2
monkeyd.sourceforge.net/
www.osvdb.org/3921
www.securityfocus.com/bid/9642
exchange.xforce.ibmcloud.com/vulnerabilities/15187