Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
monkey-project monkey vulnerabilities and exploits
(subscribe to this query)
7.1
CVSSv3
CVE-2013-2183
Monkey HTTP Daemon has local security bypass
Monkey-project Monkey -
9.8
CVSSv3
CVE-2013-2159
Monkey HTTP Daemon: broken user name authentication
Monkey-project Monkey 1.2.1
7.5
CVSSv3
CVE-2013-1771
The web server Monkeyd produces a world-readable log (/var/log/monkeyd/master.log) on gentoo.
Monkey-project Monkey -
NA
CVE-2014-5336
Monkey HTTP Server prior to 1.5.3, when the File Descriptor Table (FDT) is enabled and custom error messages are set, allows remote malicious users to cause a denial of service (file descriptor consumption) via an HTTP request that triggers an error message.
Monkey-project Monkey 0.1.1
Monkey-project Monkey 0.1.4
Monkey-project Monkey 0.5.0
Monkey-project Monkey 0.5.1
Monkey-project Monkey 0.5.2
Monkey-project Monkey 0.6.0
Monkey-project Monkey 0.6.1
Monkey-project Monkey 0.6.2
Monkey-project Monkey 0.6.3
Monkey-project Monkey 0.7.0
Monkey-project Monkey 0.7.1
Monkey-project Monkey 0.7.2
Monkey-project Monkey 0.8.0
Monkey-project Monkey 0.8.1
Monkey-project Monkey 0.8.2
Monkey-project Monkey 0.8.3
Monkey-project Monkey 0.8.4
Monkey-project Monkey 0.8.5
Monkey-project Monkey 0.9.0
Monkey-project Monkey 0.9.1
Monkey-project Monkey 0.9.2
Monkey-project Monkey 0.9.3
NA
CVE-2013-3843
Stack-based buffer overflow in the mk_request_header_process function in mk_request.c in Monkey HTTP Daemon (monkeyd) prior to 1.2.1 allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a crafted HTTP header.
Monkey-project Monkey
NA
CVE-2013-2182
The Mandril security plugin in Monkey HTTP Daemon (monkeyd) prior to 1.5.0 allows remote malicious users to bypass access restrictions via a crafted URI, as demonstrated by an encoded forward slash.
Monkey-project Monkey
1 EDB exploit
NA
CVE-2013-2163
Monkey HTTP Daemon (monkeyd) prior to 1.2.2 allows remote malicious users to cause a denial of service (infinite loop) via an offset equal to the file size in the Range HTTP header.
Monkey-project Monkey 1.2.0
Monkey-project Monkey
NA
CVE-2013-3724
The mk_request_header_process function in mk_request.c in Monkey 1.1.1 allows remote malicious users to cause a denial of service (thread crash and service outage) via a '\0' character in an HTTP request.
Monkey-project Monkey 1.1.1
1 EDB exploit
NA
CVE-2013-2181
Cross-site scripting (XSS) vulnerability in the Directory Listing plugin in Monkey HTTP Daemon (monkeyd) 1.2.2 allows malicious users to inject arbitrary web script or HTML via a file name.
Monkey-project Monkey 1.2.2
NA
CVE-2012-4442
Monkey HTTP Daemon 0.9.3 retains the supplementary group IDs of the root account during operations with a non-root effective UID, which might allow local users to bypass intended file-read restrictions by leveraging a race condition in a file-permission check.
Monkey-project Monkey 0.9.3
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »