Description
Sergey Lyubka Simple HTTPD (shttpd) 1.3 on Windows allows remote attackers to cause a denial of service via a request that includes an MS-DOS device name, as demonstrated by the /aux URI.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by shinnai · pythondoswindows
https://www.exploit-db.com/exploits/4717
References (4)
Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/38980
Exploit x_refsource_misc
http://shinnai.altervista.org/exploits/txt/TXT_8kXDua0a0Tl5Vm5LU3ms.html
Exploit, Third Party Advisory exploit
x_refsource_exploit-db
https://www.exploit-db.com/exploits/4717
Exploit vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/26813
Scores
EPSS
0.0640
EPSS Percentile
91.1%
Details
CWE
CWE-20
Status
published
Products (1)
sergey_lyubka/simple_httpd
1.3
Published
Dec 13, 2007
Tracked Since
Feb 18, 2026