CVE-2008-5160

MyServer 0.8.11 - Denial of Service via Invalid HTTP Request Methods

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-5160. PoCs published by shinnai.

AI-analyzed exploit summary This exploit sends a malformed HTTP DELETE request with a large buffer to trigger a denial of service in MyServer 0.8.11. It repeatedly connects to the target and sends the payload to crash the service.

Description

Unspecified vulnerability in MyServer 0.8.11 allows remote attackers to cause a denial of service (daemon crash) via multiple invalid requests with the HTTP GET, DELETE, OPTIONS, and possibly other methods, related to a "204 No Content error."

Exploits (1)

exploitdb WORKING POC VERIFIED

by shinnai · pythondoswindows

https://www.exploit-db.com/exploits/5184

View Code ZIP pw:eip

This exploit sends a malformed HTTP DELETE request with a large buffer to trigger a denial of service in MyServer 0.8.11. It repeatedly connects to the target and sends the payload to crash the service.

Classification

Working Poc 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: MyServer 0.8.11

No auth needed

Prerequisites: Network access to the target server · MyServer 0.8.11 running on the target

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3

Core References

Exploit, Third Party Advisory exploit x_refsource_exploit-db

https://www.exploit-db.com/exploits/5184

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/27981

Third Party Advisory third-party-advisory x_refsource_sreason

http://securityreason.com/securityalert/4609

Scores

EPSS 0.0347

EPSS Percentile 87.5%

Details

Status published

Products (1)

myserver/myserver 0.8.11

Published Nov 18, 2008

Tracked Since Feb 18, 2026