Monkey@* Security Vulnerabilities and Issues — Monkey@* CVE List

Lucene search

Monkey-projectMonkey*

10 matches found

CVE•added 2014/06/13 2:55 p.m.•113 views

CVE-2013-3843

Stack-based buffer overflow in the mk_request_header_process function in mk_request.c in Monkey HTTP Daemon (monkeyd) before 1.2.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted HTTP header.

6.8CVSS8AI score0.4015EPSS

CVE•added 2003/05/12 4:0 a.m.•43 views

CVE-2003-0218

Buffer overflow in PostMethod() function for Monkey HTTP Daemon (monkeyd) 0.6.1 and earlier allows remote attackers to execute arbitrary code via a POST request with a large body.

7.5CVSS8AI score0.06683EPSS

CVE•added 2005/05/19 4:0 a.m.•40 views

CVE-2002-1663

The Post_Method function in method.c for Monkey HTTP Daemon before 0.5.1 allows remote attackers to cause a denial of service (crash) via a POST request with an invalid or missing Content-Length header value.

5CVSS6.7AI score0.07468EPSS

CVE•added 2005/05/02 4:0 a.m.•39 views

CVE-2005-1123

Monkey daemon (monkeyd) before 0.9.1 allows remote attackers to cause a denial of service (memory corruption) via a request for a zero byte file.

5CVSS6.5AI score0.00763EPSS

CVE•added 2014/06/13 2:55 p.m.•37 views

CVE-2013-2163

Monkey HTTP Daemon (monkeyd) before 1.2.2 allows remote attackers to cause a denial of service (infinite loop) via an offset equal to the file size in the Range HTTP header.

5CVSS6.7AI score0.00746EPSS

CVE•added 2005/04/16 4:0 a.m.•36 views

CVE-2005-1122

Format string vulnerability in cgi.c for Monkey daemon (monkeyd) before 0.9.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an HTTP GET request containing double-encoded format string specifiers (aka "double expansion error").

7.5CVSS7.7AI score0.01881EPSS

CVE•added 2014/08/26 2:55 p.m.•36 views

CVE-2014-5336

Monkey HTTP Server before 1.5.3, when the File Descriptor Table (FDT) is enabled and custom error messages are set, allows remote attackers to cause a denial of service (file descriptor consumption) via an HTTP request that triggers an error message.

4.3CVSS6.8AI score0.01509EPSS

CVE•added 2004/11/23 5:0 a.m.•34 views

CVE-2004-0276

The get_real_string function in Monkey HTTP Daemon (monkeyd) 0.8.1 and earlier allows remote attackers to cause a denial of service (crash) via an HTTP request with a sequence of "%" characters and a missing Host field.

5CVSS7AI score0.09341EPSS

CVE•added 2014/06/13 2:55 p.m.•33 views

CVE-2013-2182

The Mandril security plugin in Monkey HTTP Daemon (monkeyd) before 1.5.0 allows remote attackers to bypass access restrictions via a crafted URI, as demonstrated by an encoded forward slash.

5.8CVSS6.8AI score0.14887EPSS

CVE•added 2005/05/19 4:0 a.m.•27 views

CVE-2003-1209

The Post_Method function in Monkey HTTP Daemon before 0.6.2 allows remote attackers to cause a denial of service (crash) via a POST request without a Content-Type header.

5CVSS7AI score0.00739EPSS