EUVD-2013-1796

Malware in sbrugna...

CVE-2013-1771

The web server Monkeyd produces a world-readable log /var/log/monkeyd/master.log on gentoo...

Code injection

The web server Monkeyd produces a world-readable log /var/log/monkeyd/master.log on gentoo...

CVE-2013-1771

The web server Monkeyd produces a world-readable log /var/log/monkeyd/master.log on gentoo...

CVE-2013-1771

The web server Monkeyd produces a world-readable log /var/log/monkeyd/master.log on gentoo...

CVE-2013-1771

CVE-2013-1771 affects the Monkeyd web server, where the master.log (/var/log/monkeyd/master.log) is world-readable on Gentoo due to permissions. This could expose log contents (e.g., requests) as described in the provided sources. No concrete exploit details or patch/version remediation are prese...

CVE-2013-3843

Stack-based buffer overflow in the mkrequestheaderprocess function in mkrequest.c in Monkey HTTP Daemon monkeyd before 1.2.1 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted HTTP header...

CVE-2013-2182

The CVE-2013-2182 entry concerns the Mandril security plugin in Monkey HTTP Daemon (monkeyd) prior to 1.5.0. The root cause is a bypass of access restrictions via a crafted URI, demonstrated by an encoded forward slash, enabling remote attackers to access restricted paths. Public references corro...

CVE-2013-2181

Affected software : Monkey HTTP Daemon (monkeyd) 1.2.2 with the Directory Listing plugin. Vulnerability : Cross-site scripting (XSS) via a file name (CVE-2013-2181). Root cause : Directory Listing plugin mishandles file names, enabling script/HTML injection. Impact : potential execution of arbitr...

Gentoo Security Advisory GLSA 200402-03 (monkeyd)

The remote host is missing updates announced in advisory GLSA 200402-03. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

Gentoo Security Advisory GLSA 200504-14 (monkeyd)

The remote host is missing updates announced in advisory GLSA 200504-14. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Gentoo Security Advisory GLSA 200504-14 (monkeyd)

The remote host is missing updates announced in advisory GLSA 200504-14. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

Gentoo Security Advisory GLSA 200402-03 (monkeyd)

The remote host is missing updates announced in advisory GLSA 200402-03. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

monkeyd web server format string vulnerability

No description provided...

CVE-2005-1123

CVE-2005-1123 affects the Monkey HTTP Daemon (monkeyd) before version 0.9.1. The vulnerability allows a remote attacker to cause a denial-of-service via a request for a zero-byte file, resulting in memory corruption. Public sources (Gentoo GLSA 200504-14 and Nessus entries) describe a DoS and, in...

GLSA-200504-14 : monkeyd: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200504-14 monkeyd: Multiple vulnerabilities Tavis Ormandy of the Gentoo Linux Security Audit Team discovered a double expansion error in monkeyd, resulting in a format string vulnerability. Ciaran McCreesh of Gentoo Linux discover...

GLSA-200402-03 : Monkeyd Denial of Service vulnerability

The remote host is affected by the vulnerability described in GLSA-200402-03 Monkeyd Denial of Service vulnerability A bug in the URI processing of incoming requests allows for a Denial of Service to be launched against the webserver, which may cause the server to crash or behave sporadically...