Vulnerabilities > Monkey Project > Monkey > 1.2.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-12-10 | CVE-2013-2159 | Improper Authentication vulnerability in Monkey-Project Monkey 1.2.1 Monkey HTTP Daemon: broken user name authentication | 7.5 |
2014-08-26 | CVE-2014-5336 | Improper Input Validation vulnerability in Monkey-Project Monkey Monkey HTTP Server before 1.5.3, when the File Descriptor Table (FDT) is enabled and custom error messages are set, allows remote attackers to cause a denial of service (file descriptor consumption) via an HTTP request that triggers an error message. | 4.3 |
2014-06-13 | CVE-2013-2182 | Permissions, Privileges, and Access Controls vulnerability in Monkey-Project Monkey The Mandril security plugin in Monkey HTTP Daemon (monkeyd) before 1.5.0 allows remote attackers to bypass access restrictions via a crafted URI, as demonstrated by an encoded forward slash. | 5.8 |
2014-06-13 | CVE-2013-2163 | Improper Input Validation vulnerability in Monkey-Project Monkey Monkey HTTP Daemon (monkeyd) before 1.2.2 allows remote attackers to cause a denial of service (infinite loop) via an offset equal to the file size in the Range HTTP header. | 5.0 |