Vulnerabilities > Monkey Project > Monkey > 0.13.1

DATE CVE VULNERABILITY TITLE RISK
2014-08-26 CVE-2014-5336 Improper Input Validation vulnerability in Monkey-Project Monkey
Monkey HTTP Server before 1.5.3, when the File Descriptor Table (FDT) is enabled and custom error messages are set, allows remote attackers to cause a denial of service (file descriptor consumption) via an HTTP request that triggers an error message.
4.3
2014-06-13 CVE-2013-3843 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Monkey-Project Monkey
Stack-based buffer overflow in the mk_request_header_process function in mk_request.c in Monkey HTTP Daemon (monkeyd) before 1.2.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted HTTP header.
6.8
2014-06-13 CVE-2013-2182 Permissions, Privileges, and Access Controls vulnerability in Monkey-Project Monkey
The Mandril security plugin in Monkey HTTP Daemon (monkeyd) before 1.5.0 allows remote attackers to bypass access restrictions via a crafted URI, as demonstrated by an encoded forward slash.
5.8
2014-06-13 CVE-2013-2163 Improper Input Validation vulnerability in Monkey-Project Monkey
Monkey HTTP Daemon (monkeyd) before 1.2.2 allows remote attackers to cause a denial of service (infinite loop) via an offset equal to the file size in the Range HTTP header.
network
low complexity
monkey-project CWE-20
5.0