Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
monkey-project monkey - vulnerabilities and exploits
(subscribe to this query)
4.7
CVSSv2
CVE-2012-4442
Monkey HTTP Daemon 0.9.3 retains the supplementary group IDs of the root account during operations with a non-root effective UID, which might allow local users to bypass intended file-read restrictions by leveraging a race condition in a file-permission check.
Monkey-project Monkey 0.9.3
6.9
CVSSv2
CVE-2012-4443
Monkey HTTP Daemon 0.9.3 uses a real UID of root and a real GID of root during execution of CGI scripts, which might allow local users to gain privileges by leveraging cgi-bin write access.
Monkey-project Monkey 0.9.3
5
CVSSv2
CVE-2005-1123
Monkey daemon (monkeyd) prior to 0.9.1 allows remote malicious users to cause a denial of service (memory corruption) via a request for a zero byte file.
Monkey-project Monkey 0.8.0
Monkey-project Monkey 0.8.3
Monkey-project Monkey 0.7.0
Monkey-project Monkey 0.5.2
Monkey-project Monkey 0.8.1
Monkey-project Monkey 0.8.5
Monkey-project Monkey 0.8.4
Monkey-project Monkey 0.7.2
Monkey-project Monkey 0.6.0
Monkey-project Monkey 0.6.1
Monkey-project Monkey 0.6.2
Monkey-project Monkey
Monkey-project Monkey 0.8.2
Monkey-project Monkey 0.7.1
Monkey-project Monkey 0.6.3
Monkey-project Monkey 0.1.1
7.5
CVSSv2
CVE-2005-1122
Format string vulnerability in cgi.c for Monkey daemon (monkeyd) prior to 0.9.1 allows remote malicious users to cause a denial of service and possibly execute arbitrary code via an HTTP GET request containing double-encoded format string specifiers (aka "double expansion er...
Monkey-project Monkey 0.8.0
Monkey-project Monkey 0.7.0
Monkey-project Monkey 0.7.2
Monkey-project Monkey 0.8.5
Monkey-project Monkey 0.8.4
Monkey-project Monkey 0.8.3
Monkey-project Monkey 0.6.1
Monkey-project Monkey 0.6.2
Monkey-project Monkey 0.6.3
Monkey-project Monkey 0.5.2
Monkey-project Monkey
Monkey-project Monkey 0.8.1
Monkey-project Monkey 0.8.2
Monkey-project Monkey 0.7.1
Monkey-project Monkey 0.6.0
Monkey-project Monkey 0.1.1
5
CVSSv2
CVE-2004-0276
The get_real_string function in Monkey HTTP Daemon (monkeyd) 0.8.1 and previous versions allows remote malicious users to cause a denial of service (crash) via an HTTP request with a sequence of "%" characters and a missing Host field.
Monkey-project Monkey 0.7.1
Monkey-project Monkey 0.7.2
Monkey-project Monkey
Monkey-project Monkey 0.8.0
Monkey-project Monkey 0.7.0
Monkey-project Monkey 0.5.2
Monkey-project Monkey 0.1.1
Monkey-project Monkey 0.6.0
Monkey-project Monkey 0.6.1
Monkey-project Monkey 0.6.2
Monkey-project Monkey 0.6.3
1 EDB exploit
5
CVSSv2
CVE-2003-1209
The Post_Method function in Monkey HTTP Daemon prior to 0.6.2 allows remote malicious users to cause a denial of service (crash) via a POST request without a Content-Type header.
Monkey-project Monkey
Monkey-project Monkey 0.6.0
Monkey-project Monkey 0.5.2
Monkey-project Monkey 0.1.1
7.5
CVSSv2
CVE-2003-0218
Buffer overflow in PostMethod() function for Monkey HTTP Daemon (monkeyd) 0.6.1 and previous versions allows remote malicious users to execute arbitrary code via a POST request with a large body.
Monkey-project Monkey 0.6.0
Monkey-project Monkey 0.5.2
Monkey-project Monkey
Monkey-project Monkey 0.1.1
5
CVSSv2
CVE-2002-2154
Directory traversal vulnerability in Monkey HTTP Daemon 0.1.4 allows remote malicious users to read arbitrary files via .. (dot dot) sequences.
Monkey-project Monkey 0.1.4
1 EDB exploit
5
CVSSv2
CVE-2002-1663
The Post_Method function in method.c for Monkey HTTP Daemon prior to 0.5.1 allows remote malicious users to cause a denial of service (crash) via a POST request with an invalid or missing Content-Length header value.
Monkey-project Monkey
1 EDB exploit
4.3
CVSSv2
CVE-2002-1852
Cross-site scripting (XSS) vulnerability in Monkey 0.5.0 allows remote malicious users to inject arbitrary web script or HTML via (1) the URL or (2) a parameter to test2.pl.
Monkey-project Monkey 0.5.0
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site scripting
CVE-2024-5158
XML external entity
CVE-2024-4262
CVE-2024-2036
CVE-2024-4985
CVE-2024-21791
remote attackers
CVE-2023-43208
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2