Monkey Security Vulnerabilities and Issues — Monkey CVE List

Lucene search

Monkey-projectMonkey

4 matches found

CVE•added 2012/10/05 9:55 p.m.•36 views

CVE-2012-4442

Monkey HTTP Daemon 0.9.3 retains the supplementary group IDs of the root account during operations with a non-root effective UID, which might allow local users to bypass intended file-read restrictions by leveraging a race condition in a file-permission check.

4.7CVSS6.5AI score0.00062EPSS

CVE•added 2014/08/26 2:55 p.m.•36 views

CVE-2014-5336

Monkey HTTP Server before 1.5.3, when the File Descriptor Table (FDT) is enabled and custom error messages are set, allows remote attackers to cause a denial of service (file descriptor consumption) via an HTTP request that triggers an error message.

4.3CVSS6.8AI score0.01509EPSS

CVE•added 2013/07/29 11:27 p.m.•31 views

CVE-2013-2181

Cross-site scripting (XSS) vulnerability in the Directory Listing plugin in Monkey HTTP Daemon (monkeyd) 1.2.2 allows attackers to inject arbitrary web script or HTML via a file name.

4.3CVSS5.7AI score0.00252EPSS

CVE•added 2005/06/28 4:0 a.m.•29 views

CVE-2002-1852

Cross-site scripting (XSS) vulnerability in Monkey 0.5.0 allows remote attackers to inject arbitrary web script or HTML via (1) the URL or (2) a parameter to test2.pl.

4.3CVSS5.9AI score0.03024EPSS