FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

monkey -- improper input validation vulnerability

Affected packages
monkey < 0.9.3

Details

VuXML ID 4465c897-ee5c-11de-b6ef-00215c6a37bb
Discovery 2009-12-14
Entry 2009-12-21

Census Labs reports:

We have discovered a remotely exploitable "improper input validation" vulnerability in the Monkey web server that allows an attacker to perform denial of service attacks by repeatedly crashing worker threads that process HTTP requests.

References

URL http://census-labs.com/news/2009/12/14/monkey-httpd/
URL http://groups.google.com/group/monkeyd/browse_thread/thread/055b4e9b83973861/