CVE-2004-0276

Name of the Vulnerable Software and Affected Versions Monkey HTTP Daemon versions 0.8.1 and earlier

Description The issue allows remote attackers to cause a denial of service, resulting in a crash, by sending an HTTP request with a sequence of "%" characters and a missing Host field. This is due to a problem in the get real string function.

Recommendations For Monkey HTTP Daemon versions 0.8.1 and earlier, consider disabling the get real string function as a temporary workaround until a patch is available. Restrict access to the HTTP request handling module to minimize the risk of exploitation. Avoid processing HTTP requests with a sequence of "%" characters and a missing Host field until the issue is resolved.