The Post_Method function in method.c for Monkey HTTP Daemon before 0.5.1 allows remote attackers to cause a denial of service (crash) via a POST request with an invalid or missing Content-Length header value.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| monkey-project | monkey | * |
Cross-site scripting (XSS) vulnerability in Monkey 0.5.0 allows remote attackers to inject arbitrary web script or HTML via (1) the URL or (2) a parameter to test2.pl.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| monkey-project | monkey | 0.5.0 |
Directory traversal vulnerability in Monkey HTTP Daemon 0.1.4 allows remote attackers to read arbitrary files via .. (dot dot) sequences.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-22,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| monkey-project | monkey | 0.1.4 |
Buffer overflow in PostMethod() function for Monkey HTTP Daemon (monkeyd) 0.6.1 and earlier allows remote attackers to execute arbitrary code via a POST request with a large body.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| monkey-project | monkey | * |
| monkey-project | monkey | 0.5.2 |
| monkey-project | monkey | 0.6.0 |
| monkey-project | monkey | 0.1.1 |
The Post_Method function in Monkey HTTP Daemon before 0.6.2 allows remote attackers to cause a denial of service (crash) via a POST request without a Content-Type header.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| monkey-project | monkey | * |
| monkey-project | monkey | 0.5.2 |
| monkey-project | monkey | 0.6.0 |
| monkey-project | monkey | 0.1.1 |
The get_real_string function in Monkey HTTP Daemon (monkeyd) 0.8.1 and earlier allows remote attackers to cause a denial of service (crash) via an HTTP request with a sequence of "%" characters and a missing Host field.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| monkey-project | monkey | 0.6.2 |
| monkey-project | monkey | 0.7.0 |
| monkey-project | monkey | 0.8.0 |
| monkey-project | monkey | * |
| monkey-project | monkey | 0.5.2 |
| monkey-project | monkey | 0.7.1 |
| monkey-project | monkey | 0.6.0 |
| monkey-project | monkey | 0.6.3 |
| monkey-project | monkey | 0.1.1 |
| monkey-project | monkey | 0.6.1 |
| monkey-project | monkey | 0.7.2 |
Format string vulnerability in cgi.c for Monkey daemon (monkeyd) before 0.9.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an HTTP GET request containing double-encoded format string specifiers (aka "double expansion error").
CVSS 2.0
Severity: HIGH
Problem Type: CWE-134,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| monkey-project | monkey | 0.7.0 |
| monkey-project | monkey | 0.8.0 |
| monkey-project | monkey | 0.5.2 |
| monkey-project | monkey | 0.6.0 |
| monkey-project | monkey | 0.8.3 |
| monkey-project | monkey | 0.8.4 |
| monkey-project | monkey | 0.1.1 |
| monkey-project | monkey | 0.7.2 |
| monkey-project | monkey | 0.8.5 |
| monkey-project | monkey | 0.8.1 |
| monkey-project | monkey | 0.6.2 |
| monkey-project | monkey | * |
| monkey-project | monkey | 0.7.1 |
| monkey-project | monkey | 0.6.3 |
| monkey-project | monkey | 0.8.2 |
| monkey-project | monkey | 0.6.1 |
Monkey daemon (monkeyd) before 0.9.1 allows remote attackers to cause a denial of service (memory corruption) via a request for a zero byte file.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| monkey-project | monkey | 0.7.0 |
| monkey-project | monkey | 0.8.0 |
| monkey-project | monkey | 0.5.2 |
| monkey-project | monkey | 0.6.0 |
| monkey-project | monkey | 0.8.3 |
| monkey-project | monkey | 0.8.4 |
| monkey-project | monkey | 0.1.1 |
| monkey-project | monkey | 0.7.2 |
| monkey-project | monkey | 0.8.5 |
| monkey-project | monkey | 0.8.1 |
| monkey-project | monkey | 0.6.2 |
| monkey-project | monkey | * |
| monkey-project | monkey | 0.7.1 |
| monkey-project | monkey | 0.6.3 |
| monkey-project | monkey | 0.8.2 |
| monkey-project | monkey | 0.6.1 |
The web server Monkeyd produces a world-readable log (/var/log/monkeyd/master.log) on gentoo.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 3.9 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-532,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| monkey-project | monkey | - |
Monkey HTTP Daemon: broken user name authentication
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-287,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| monkey-project | monkey | 1.2.1 |
Monkey HTTP Daemon (monkeyd) before 1.2.2 allows remote attackers to cause a denial of service (infinite loop) via an offset equal to the file size in the Range HTTP header.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| monkey-project | monkey | * |
| monkey-project | monkey | 1.2.0 |
Cross-site scripting (XSS) vulnerability in the Directory Listing plugin in Monkey HTTP Daemon (monkeyd) 1.2.2 allows attackers to inject arbitrary web script or HTML via a file name.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| monkey-project | monkey | 1.2.2 |
The Mandril security plugin in Monkey HTTP Daemon (monkeyd) before 1.5.0 allows remote attackers to bypass access restrictions via a crafted URI, as demonstrated by an encoded forward slash.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| monkey-project | monkey | * |
Monkey HTTP Daemon has local security bypass
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.1 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N | 1.8 | 5.2 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-668,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| monkey-project | monkey | - |
The mk_request_header_process function in mk_request.c in Monkey 1.1.1 allows remote attackers to cause a denial of service (thread crash and service outage) via a '\0' character in an HTTP request.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| monkey-project | monkey | 1.1.1 |
Stack-based buffer overflow in the mk_request_header_process function in mk_request.c in Monkey HTTP Daemon (monkeyd) before 1.2.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted HTTP header.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| monkey-project | monkey | * |
Monkey HTTP Server before 1.5.3, when the File Descriptor Table (FDT) is enabled and custom error messages are set, allows remote attackers to cause a denial of service (file descriptor consumption) via an HTTP request that triggers an error message.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| monkey-project | monkey | 0.20.3 |
| monkey-project | monkey | 0.32.0 |
| monkey-project | monkey | 0.5.2 |
| monkey-project | monkey | 0.13.2 |
| monkey-project | monkey | 0.6.0 |
| monkey-project | monkey | 0.9.0 |
| monkey-project | monkey | 1.4.0 |
| monkey-project | monkey | 0.21.0 |
| monkey-project | monkey | 0.1.1 |
| monkey-project | monkey | 0.10.1 |
| monkey-project | monkey | 1.0.0 |
| monkey-project | monkey | 0.6.2 |
| monkey-project | monkey | 1.1.1 |
| monkey-project | monkey | 1.5.3 |
| monkey-project | monkey | 0.11.0 |
| monkey-project | monkey | 0.12.2 |
| monkey-project | monkey | 0.9.1 |
| monkey-project | monkey | 1.5.0 |
| monkey-project | monkey | 0.8.5 |
| monkey-project | monkey | 0.13.0 |
| monkey-project | monkey | 0.8.1 |
| monkey-project | monkey | 0.9.3 |
| monkey-project | monkey | 0.10.0 |
| monkey-project | monkey | 0.13.1 |
| monkey-project | monkey | 0.20.1 |
| monkey-project | monkey | 0.6.1 |
| monkey-project | monkey | 1.5.1 |
| monkey-project | monkey | 0.10.3 |
| monkey-project | monkey | 0.7.0 |
| monkey-project | monkey | 0.8.3 |
| monkey-project | monkey | 0.8.4 |
| monkey-project | monkey | 1.2.2 |
| monkey-project | monkey | 0.12.0 |
| monkey-project | monkey | 0.20.0 |
| monkey-project | monkey | 0.7.2 |
| monkey-project | monkey | 0.10.2 |
| monkey-project | monkey | 1.0.1 |
| monkey-project | monkey | 0.9.2 |
| monkey-project | monkey | 0.12.1 |
| monkey-project | monkey | 0.20.2 |
| monkey-project | monkey | 1.1.0 |
| monkey-project | monkey | 0.6.3 |
| monkey-project | monkey | 0.8.0 |
| monkey-project | monkey | 0.31.0 |
| monkey-project | monkey | 0.11.1 |
| monkey-project | monkey | 1.2.0 |
| monkey-project | monkey | 0.33.0 |
| monkey-project | monkey | 1.2.1 |
| monkey-project | monkey | 0.5.0 |
| monkey-project | monkey | 0.30.0 |
| monkey-project | monkey | * |
| monkey-project | monkey | 0.7.1 |
| monkey-project | monkey | 0.1.4 |
| monkey-project | monkey | 0.5.1 |
| monkey-project | monkey | 0.8.2 |
An out-of-bounds read in the http_parser_transfer_encoding_chunked function (mk_server/mk_http_parser.c) of monkey commit f37e984 allows attackers to cause a Denial of Service (DoS) via sending a crafted POST request to the server.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| monkey-project | monkey | * |
An out-of-bounds read in the mk_ptr_to_buf in mk_core function (mk_memory.c) of monkey commit f37e984 allows attackers to cause a Denial of Service (DoS) via sending a crafted HTTP request to the server.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| monkey-project | monkey | * |
A use-after-free in the mk_string_char_search function (mk_core/mk_string.c) of monkey commit f37e984 allows attackers to cause a Denial of Service (DoS) via sending a crafted HTTP request to the server.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| monkey-project | monkey | * |
A use-after-free in the mk_http_request_end function (mk_server/mk_http.c) of monkey commit f37e984 allows attackers to cause a Denial of Service (DoS) via sending a crafted HTTP request to the server.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| monkey-project | monkey | * |
An out-of-bounds read in the mk_vhost_fdt_close function (mk_server/mk_vhost.c) of monkey commit f37e984 allows attackers to cause a Denial of Service (DoS) via sending a crafted HTTP request to the server.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| monkey-project | monkey | * |
A NULL pointer dereference in the mk_http_range_parse function (mk_server/mk_http.c) of monkey commit f37e984 allows attackers to cause a Denial of Service (DoS) via sending a crafted HTTP request to the server.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| monkey-project | monkey | * |
An out-of-bounds read in the header_cmp function (mk_server/mk_http_parser.c) of monkey commit f37e984 allows attackers to cause a Denial of Service (DoS) via sending a crafted HTTP request to the server.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| monkey-project | monkey | * |
An out-of-bounds read in the mk_mimetype_find function (mk_server/mk_mimetype.c) of monkey commit f37e984 allows attackers to cause a Denial of Service (DoS) via sending a crafted HTTP request to the server.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| monkey-project | monkey | * |
A stack overflow in the mk_http_index_lookup function (mk_server/mk_http.c) of monkey commit f37e984 allows attackers to cause a Denial of Service (DoS) via sending a crafted HTTP request to the server.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| monkey-project | monkey | * |