Bugtraq mailing list archives
DomsHttpd 1.0 <= Remote Denial Of Service
From: pereira () secbiz de
Date: Tue, 17 Jul 2012 09:14:57 GMT
#################################################
DomsHttpd 1.0 <= Remote Denial Of Service
#################################################

Discovered by: Jean Pascal Pereira <pereira () secbiz de>

About DomsHttpd:

"A very simple HTTP protocol program base on asynchronous socket model."

Vendor URI: http://domshttpd.codeplex.com/

#################################################

The remote attacker has the possibility to crash the application by sending a malformed referer inside the HTTP request.

-------------------------------------

Exploit / Proof Of Concept:

http://dl.packetstormsecurity.net/1207-exploits/domshttpd-dos.txt

-------------------------------------

Solution:

Do some input validation.

-------------------------------------

#############################################################################################