CVE-2013-3724

Monkey - Improper Input Validation

Title source: rule

Description

The mk_request_header_process function in mk_request.c in Monkey 1.1.1 allows remote attackers to cause a denial of service (thread crash and service outage) via a '\0' character in an HTTP request.

Exploits (1)

exploitdb WORKING POC

by Doug Prostko · textdoslinux

https://www.exploit-db.com/exploits/25837

View Code ZIP pw:eip

References (1)

Core 1

Core References

Exploit, Patch x_refsource_confirm

http://bugs.monkey-project.com/ticket/181

Scores

EPSS 0.0887

EPSS Percentile 92.6%

Details

CWE

CWE-20

Status published

Products (1)

monkey-project/monkey 1.1.1

Published Aug 01, 2013

Tracked Since Feb 18, 2026