################################################# DomsHttpd 1.0 <= Remote Denial Of Service ################################################# Discovered by: Jean Pascal Pereira <pereira@xxxxxxxxx> About DomsHttpd: "A very simple HTTP protocol program base on asynchronous socket model." Vendor URI: http://domshttpd.codeplex.com/ ################################################# The remote attacker has the possibility to crash the application by sending a malformed referer inside the HTTP request. ------------------------------------- Exploit / Proof Of Concept: http://dl.packetstormsecurity.net/1207-exploits/domshttpd-dos.txt ------------------------------------- Solution: Do some input validation. ------------------------------------- #############################################################################################
