Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
monkey-project vulnerabilities and exploits
(subscribe to this query)
320
VMScore
CVE-2013-2183
Monkey HTTP Daemon has local security bypass
Monkey-project Monkey -
720
VMScore
CVE-2013-3843
Stack-based buffer overflow in the mk_request_header_process function in mk_request.c in Monkey HTTP Daemon (monkeyd) prior to 1.2.1 allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a crafted HTTP header.
Monkey-project Monkey
614
VMScore
CVE-2012-5303
Monkey HTTP Daemon 0.9.3 might allow local users to overwrite arbitrary files via a symlink attack on a PID file, as demonstrated by a pathname different from the default /var/run/monkey.pid pathname.
Monkey-project Monkey 0.9.3
614
VMScore
CVE-2012-4443
Monkey HTTP Daemon 0.9.3 uses a real UID of root and a real GID of root during execution of CGI scripts, which might allow local users to gain privileges by leveraging cgi-bin write access.
Monkey-project Monkey 0.9.3
418
VMScore
CVE-2012-4442
Monkey HTTP Daemon 0.9.3 retains the supplementary group IDs of the root account during operations with a non-root effective UID, which might allow local users to bypass intended file-read restrictions by leveraging a race condition in a file-permission check.
Monkey-project Monkey 0.9.3
383
VMScore
CVE-2013-2181
Cross-site scripting (XSS) vulnerability in the Directory Listing plugin in Monkey HTTP Daemon (monkeyd) 1.2.2 allows malicious users to inject arbitrary web script or HTML via a file name.
Monkey-project Monkey 1.2.2
435
VMScore
CVE-2002-1852
Cross-site scripting (XSS) vulnerability in Monkey 0.5.0 allows remote malicious users to inject arbitrary web script or HTML via (1) the URL or (2) a parameter to test2.pl.
Monkey-project Monkey 0.5.0
1 EDB exploit
668
VMScore
CVE-2013-2159
Monkey HTTP Daemon: broken user name authentication
Monkey-project Monkey 1.2.1
505
VMScore
CVE-2002-2154
Directory traversal vulnerability in Monkey HTTP Daemon 0.1.4 allows remote malicious users to read arbitrary files via .. (dot dot) sequences.
Monkey-project Monkey 0.1.4
1 EDB exploit
505
VMScore
CVE-2013-3724
The mk_request_header_process function in mk_request.c in Monkey 1.1.1 allows remote malicious users to cause a denial of service (thread crash and service outage) via a '\0' character in an HTTP request.
Monkey-project Monkey 1.1.1
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3661
open redirect
CVE-2024-25512
CVE-2024-33788
command injection
SSTI
CVE-2024-0043
CVE-2024-29210
CVE-2024-25510
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2