oss-sec mailing list archives

CVE request: Monkey HTTPD - DoS due bug on Range header handling

From: Felipe Pena <felipensp () gmail com>
Date: Fri, 7 Jun 2013 22:25:27 -0300

I've found an issue on the way as Monkey HTTPD handle the Range HTTP header
when receiving Range:bytes=N-N where N is the exact file size, which causes
the
thread to go into an infinite loop, hence keeping the server busy on each
request until a server shutdown.

More details on bug report at http://bugs.monkey-project.com/ticket/184

-- 
Regards,
Felipe Pena

Current thread:

CVE request: Monkey HTTPD - DoS due bug on Range header handling Felipe Pena (Jun 07)
- Re: CVE request: Monkey HTTPD - DoS due bug on Range header handling Kurt Seifried (Jun 10)