Monkey HTTP Daemon 0.x - Missing Host Field Denial of Service

source: https://www.securityfocus.com/bid/9642/info Monkey HTTP Daemon is prone to a denial of service attacks. HTTP GET requests, which do not include a 'Host' header field, will trigger this condition. The server will need to be restarted to regain normal functionality...

CVE-2003-1209

The PostMethod function in Monkey HTTP Daemon before 0.6.2 allows remote attackers to cause a denial of service crash via a POST request without a Content-Type header...

Monkey HTTP Daemon (monkeyd) Post_Method Function Crafted Content-Length Header DoS

The remote Monkey Web Server crashes when it receives an incorrect POST command with an empty 'Content-Length:' field. TRUSTED...

Monkey Http Daemon

After reading the PHP XSS "exploit" I dont know if it qualifies as one in phpinfo, I found out that on the default page of the Monkey Http Daemon, there is a Test of Supports section. Two links are included: http://whateverhost/php/index.php and http://whateverhost/cgi-bin/test.pl index.php just...

CVE-2003-0218

Buffer overflow in PostMethod function for Monkey HTTP Daemon monkeyd 0.6.1 and earlier allows remote attackers to execute arbitrary code via a POST request with a large body...

CVE-2003-0218

Buffer overflow in PostMethod function for Monkey HTTP Daemon monkeyd 0.6.1 and earlier allows remote attackers to execute arbitrary code via a POST request with a large body...

CVE-2003-0218

The CVE-2003-0218 entry concerns Monkey HTTP Server (monkeyd) up to version 0.6.1. A buffer overflow in the PostMethod() triggered by a POST with a large body is described as allowing remote code execution or a server crash. Public details across sources consistently note that vulnerable software...

Monkey HTTP Daemon (monkeyd) PostMethod() Function Remote Overflow

The version of Monkey web server that you are running is vulnerable to a buffer overflow on a POST command with too much data. It is possible to make this web server crash or execute arbitrary code. C Tenable Network Security, Inc. Ref: From: "Matthew Murphy" To: "BugTraq" Subject: Monkey HTTPd...

monkeyHTTPd.txt

Monkey HTTP Daemon Remote Buffer Overflow ABSTRACT "Monkey is a Web server written in C that works under Linux. This is an open source project based on the HTTP/1.1 protocol. The objective is to develop a fast, efficient, small and easy to configure web server." quote from...

[UNIX] Monkey HTTP Daemon Remote Buffer Overflow

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion In the US? Contact Beyond Security at our new California office housewarming rates on automated network vulnerability scanning. We also...

Monkey HTTPD buffer overflow

Buffer overflow on POST request...

Monkey HTTP Daemon 0.40.50.6 - Excessive POST Data Buffer Overflow

Monkey HTTP Daemon 0.40.50.6 - Excessive POST Data Buffer Overflow source: https://www.securityfocus.com/bid/7202/info Monkey HTTP Daemon is prone to a boundary condition error. This condition occurs when the server attempts to handle excessive HTTP POST data. Exploitation could allow a remote...

Monkey HTTP Daemon 0.4/0.5/0.6 - Excessive POST Data Buffer Overflow

source: https://www.securityfocus.com/bid/7202/info Monkey HTTP Daemon is prone to a boundary condition error. This condition occurs when the server attempts to handle excessive HTTP POST data. Exploitation could allow a remote attacker to corrupt sensitive regions of memory with attacker-supplie...

CVE-2002-2154

Directory traversal vulnerability in Monkey HTTP Daemon 0.1.4 allows remote attackers to read arbitrary files via .. dot dot sequences...

CVE-2002-1852

Cross-site scripting XSS vulnerability in Monkey 0.5.0 allows remote attackers to inject arbitrary web script or HTML via 1 the URL or 2 a parameter to test2.pl...

CVE-2002-1663

The PostMethod function in method.c for Monkey HTTP Daemon before 0.5.1 allows remote attackers to cause a denial of service crash via a POST request with an invalid or missing Content-Length header value...

Monkey HTTP Server 0.40.5 - Invalid POST Denial of Service

Monkey HTTP Server 0.40.5 - Invalid POST Denial of Service source: https://www.securityfocus.com/bid/6096/info A denial of service vulnerability has been reported for Monkey HTTP server. The vulnerability is due to inadequate checks being performed when decoding POST requests. An attacker can...

Monkey HTTP Server 0.4/0.5 - Invalid POST Denial of Service

source: https://www.securityfocus.com/bid/6096/info A denial of service vulnerability has been reported for Monkey HTTP server. The vulnerability is due to inadequate checks being performed when decoding POST requests. An attacker can exploit this vulnerability by issuing a POST request with an...

Crossite scripting in Monkey

www.victim.com/scriptalert'IIL0wnZYoU!!!';/script...

XSS bug in Monkey (0.5.0) HTTP server

Illegal Instruction Labs Advisory ------------------------------------------------------------------------- Advisory name: XSS bug in Monkey 0.5.0 HTTP server Advisory number: 14 Application: Monkey 0.5.0 HTTP server Application author: Eduardo Silva EdsipeR Author e-mail: [email protected]...