Published: 13/06/2014 Updated: 26/03/2020

CVSS v2 Base Score: 5.8 | Impact Score: 4.9 | Exploitability Score: 8.6

VMScore: 585

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N

The Mandril security plugin in Monkey HTTP Daemon (monkeyd) prior to 1.5.0 allows remote malicious users to bypass access restrictions via a crafted URI, as demonstrated by an encoded forward slash.

Vulnerable Product	Search on Vulmon	Subscribe to Product
monkey-project monkey

source: wwwsecurityfocuscom/bid/60569/info The Mandril Security plugin for Monkey HTTP Daemon is prone to a security-bypass vulnerability An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions, which may aid in launching further attacks wwwexamplecom/%2ftest/ ...

CWE-264 http://bugs.monkey-project.com/ticket/186 http://www.openwall.com/lists/oss-security/2013/06/14/11 http://www.securityfocus.com/bid/60569 https://github.com/monkey/monkey/issues/92 http://secunia.com/advisories/53638 https://github.com/monkey/monkey/commit/15f72c1ee5e0afad20232bdf0fcecab8d62a5d89 http://osvdb.org/94287 https://nvd.nist.gov https://www.exploit-db.com/exploits/38587/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2013-2182

Vulnerability Summary

Vulnerability Trend

Exploits

References

Vulmon Search

About

Products

Connect