Shodan
Vulnerabilities
Vulnerable Software
Monkey-Project:  >> Monkey  >> 0.1.4  Security Vulnerabilities
CVE-2014-5336
Monkey HTTP Server before 1.5.3, when the File Descriptor Table (FDT) is enabled and custom error messages are set, allows remote attackers to cause a denial of service (file descriptor consumption) via an HTTP request that triggers an error message.
CVSS Score
4.3
EPSS Score
0.015
Published
2014-08-26
CVE-2013-2182
The Mandril security plugin in Monkey HTTP Daemon (monkeyd) before 1.5.0 allows remote attackers to bypass access restrictions via a crafted URI, as demonstrated by an encoded forward slash.
CVSS Score
5.8
EPSS Score
0.149
Published
2014-06-13
CVE-2013-3843
Stack-based buffer overflow in the mk_request_header_process function in mk_request.c in Monkey HTTP Daemon (monkeyd) before 1.2.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted HTTP header.
CVSS Score
6.8
EPSS Score
0.402
Published
2014-06-13
CVE-2013-2163
Monkey HTTP Daemon (monkeyd) before 1.2.2 allows remote attackers to cause a denial of service (infinite loop) via an offset equal to the file size in the Range HTTP header.
CVSS Score
5.0
EPSS Score
0.007
Published
2014-06-13
CVE-2005-1123
Monkey daemon (monkeyd) before 0.9.1 allows remote attackers to cause a denial of service (memory corruption) via a request for a zero byte file.
CVSS Score
5.0
EPSS Score
0.008
Published
2005-05-02
CVE-2005-1122
Format string vulnerability in cgi.c for Monkey daemon (monkeyd) before 0.9.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an HTTP GET request containing double-encoded format string specifiers (aka "double expansion error").
CVSS Score
7.5
EPSS Score
0.019
Published
2005-04-14
CVE-2004-0276
The get_real_string function in Monkey HTTP Daemon (monkeyd) 0.8.1 and earlier allows remote attackers to cause a denial of service (crash) via an HTTP request with a sequence of "%" characters and a missing Host field.
CVSS Score
5.0
EPSS Score
0.093
Published
2004-11-23
CVE-2003-1209
The Post_Method function in Monkey HTTP Daemon before 0.6.2 allows remote attackers to cause a denial of service (crash) via a POST request without a Content-Type header.
CVSS Score
5.0
EPSS Score
0.007
Published
2003-12-31
CVE-2003-0218
Buffer overflow in PostMethod() function for Monkey HTTP Daemon (monkeyd) 0.6.1 and earlier allows remote attackers to execute arbitrary code via a POST request with a large body.
CVSS Score
7.5
EPSS Score
0.067
Published
2003-05-12
CVE-2002-2154
Directory traversal vulnerability in Monkey HTTP Daemon 0.1.4 allows remote attackers to read arbitrary files via .. (dot dot) sequences.
CVSS Score
5.0
EPSS Score
0.04
Published
2002-12-31


Products
Pricing
Contact Us

Shodan ® - All rights reserved