382 matches found
CVE-2013-3843
Stack-based buffer overflow in the mkrequestheaderprocess function in mkrequest.c in Monkey HTTP Daemon monkeyd before 1.2.1 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted HTTP header...
CVE-2013-2182
The Mandril security plugin in Monkey HTTP Daemon monkeyd before 1.5.0 allows remote attackers to bypass access restrictions via a crafted URI, as demonstrated by an encoded forward slash...
CVE-2013-2163
Monkey HTTP Daemon monkeyd before 1.2.2 allows remote attackers to cause a denial of service infinite loop via an offset equal to the file size in the Range HTTP header...
CVE-2013-2182
The CVE-2013-2182 entry concerns the Mandril security plugin in Monkey HTTP Daemon (monkeyd) prior to 1.5.0. The root cause is a bypass of access restrictions via a crafted URI, demonstrated by an encoded forward slash, enabling remote attackers to access restricted paths. Public references corro...
CVE-2013-3843
Stack-based buffer overflow in the mkrequestheaderprocess function in mkrequest.c in Monkey HTTP Daemon monkeyd before 1.2.1 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted HTTP header...
CVE-2013-2182
The Mandril security plugin in Monkey HTTP Daemon monkeyd before 1.5.0 allows remote attackers to bypass access restrictions via a crafted URI, as demonstrated by an encoded forward slash...
CVE-2013-3843
CVE-2013-3843 affects Monkey HTTP Daemon (monkeyd) prior to version 1.2.1. A stack-based overflow in the mk_request_header_process function (mk_request.c) can be triggered by a crafted HTTP header, enabling a remote attacker to crash the server and, per sources, potentially execute arbitrary code...
CVE-2013-2163
CVE-2013-2163 affects Monkey HTTP Daemon (monkeyd) prior to version 1.2.2. The issue allows a remote attacker to cause a denial of service (infinite loop) by sending a crafted Range header with an offset equal to the file size. Public docs consistently describe the vector as a Range-header-based ...
Scientific Linux Security Update : php on SL5.x i386/x86_64 (20131211)
A memory corruption flaw was found in the way the opensslx509parse function of the PHP openssl extension parsed X.509 certificates. A remote attacker could use this flaw to provide a malicious self-signed certificate or a certificate signed by a trusted authority to a PHP application using the...
GLSA-201309-17 : Monkey HTTP Daemon: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-201309-17 Monkey HTTP Daemon: Multiple vulnerabilities Multiple vulnerabilities have been discovered in Monkey HTTP Daemon. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could send a...
Monkey HTTP Daemon: Multiple vulnerabilities
Background Monkey HTTP Daemon is a lightweight and powerful web server for GNU/Linux. Description Multiple vulnerabilities have been discovered in Monkey HTTP Daemon. Please review the CVE identifiers referenced below for details. Impact A remote attacker could send a specially crafted request,...
CVE-2013-2181
Cross-site scripting XSS vulnerability in the Directory Listing plugin in Monkey HTTP Daemon monkeyd 1.2.2 allows attackers to inject arbitrary web script or HTML via a file name...
Cross site scripting
Cross-site scripting XSS vulnerability in the Directory Listing plugin in Monkey HTTP Daemon monkeyd 1.2.2 allows attackers to inject arbitrary web script or HTML via a file name...
CVE-2013-2181
Cross-site scripting XSS vulnerability in the Directory Listing plugin in Monkey HTTP Daemon monkeyd 1.2.2 allows attackers to inject arbitrary web script or HTML via a file name...
CVE-2013-2181
Cross-site scripting XSS vulnerability in the Directory Listing plugin in Monkey HTTP Daemon monkeyd 1.2.2 allows attackers to inject arbitrary web script or HTML via a file name...
CVE-2013-2181
Affected software : Monkey HTTP Daemon (monkeyd) 1.2.2 with the Directory Listing plugin. Vulnerability : Cross-site scripting (XSS) via a file name (CVE-2013-2181). Root cause : Directory Listing plugin mishandles file names, enabling script/HTML injection. Impact : potential execution of arbitr...
Static HTTP Server 1.0 - Local Overflow (SEH)
!/usr/bin/env python import os TitleStatic HTTP Server SEH Overflow - HTTP Config - httptiplist Discovered and ReportedJune 2013 Discovered/Exploited ByJacob Holcomb/Gimppy, Security Analyst @ Independent Security Evaluators Exploit/Advisoryhttp://infosec42.blogspot.com/ SoftwareStatic HTTP Serve...
Monkey HTTP Daemon Mandril Security Plugin - Security Bypass
Monkey HTTP Daemon Mandril Security Plugin - Security Bypass source: https://www.securityfocus.com/bid/60569/info The Mandril Security plugin for Monkey HTTP Daemon is prone to a security-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform...
Monkey HTTP Daemon Mandril Security Plugin - Security Bypass
source: https://www.securityfocus.com/bid/60569/info The Mandril Security plugin for Monkey HTTP Daemon is prone to a security-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions, which may aid in launching further...
RHEL 6 : subversion (RHSA-2013:0737)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2013:0737 advisory. Subversion SVN is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarc...