CVE-2006-1046

Monopd - Denial of Service

Title source: rule

Description

server.cpp in Monopd 0.9.3 allows remote attackers to cause a denial of service (CPU and memory consumption) via a string containing a large number of characters that are escaped when Monopd produces XML output.

Exploits (1)

exploitdb WRITEUP VERIFIED

by Luigi Auriemma · textdosmultiple

https://www.exploit-db.com/exploits/27365

View Code ZIP pw:eip

References (6)

Core 6

Core References

Third Party Advisory vdb-entry x_refsource_vupen

http://www.vupen.com/english/advisories/2006/0844

Various Sources x_refsource_confirm

http://www.robertjohnkaper.com/downloads/atlantik/monopd-0.9.3-dosfix.diff

Exploit, Patch, Vendor Advisory x_refsource_misc

http://aluigi.altervista.org/adv/monopdx-adv.txt

Patch, Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/19133

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/16981

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/25161

Scores

EPSS 0.1217

EPSS Percentile 93.9%

Details

Status published

Products (1)

monopd/monopd 0.9.3

Published Mar 07, 2006

Tracked Since Feb 18, 2026