Monkey-Project: >> Monkey >> 0.8.4 Security Vulnerabilities
The Mandril security plugin in Monkey HTTP Daemon (monkeyd) before 1.5.0 allows remote attackers to bypass access restrictions via a crafted URI, as demonstrated by an encoded forward slash.
CVSS Score
5.8
EPSS Score
0.108
Published
2014-06-13
Stack-based buffer overflow in the mk_request_header_process function in mk_request.c in Monkey HTTP Daemon (monkeyd) before 1.2.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted HTTP header.
CVSS Score
6.8
EPSS Score
0.402
Published
2014-06-13
Monkey HTTP Daemon (monkeyd) before 1.2.2 allows remote attackers to cause a denial of service (infinite loop) via an offset equal to the file size in the Range HTTP header.
CVSS Score
5.0
EPSS Score
0.007
Published
2014-06-13
Monkey daemon (monkeyd) before 0.9.1 allows remote attackers to cause a denial of service (memory corruption) via a request for a zero byte file.
CVSS Score
5.0
EPSS Score
0.008
Published
2005-05-02
Format string vulnerability in cgi.c for Monkey daemon (monkeyd) before 0.9.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an HTTP GET request containing double-encoded format string specifiers (aka "double expansion error").
CVSS Score
7.5
EPSS Score
0.019
Published
2005-04-14
Page 2