CVE-2007-6326

Name of the Vulnerable Software and Affected Versions Sergey Lyubka Simple HTTPD (shttpd) version 1.3

Description The issue allows remote attackers to cause a denial of service. This can be achieved via a request that includes an MS-DOS device name. For example, the "/aux" URI can be used to demonstrate this issue.

Recommendations For version 1.3, consider restricting access to the vulnerable URI to minimize the risk of exploitation. As a temporary workaround, avoid using MS-DOS device names in requests until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.