Lucene search

MitreCVE-2004-0276

HistoryNov 23, 2004 - 5:00 a.m.

CVE-2004-0276

2004-11-2305:00:00

CWE-20

mitre

web.nvd.nist.gov

cve-2004-0276

monkey http daemon

denial of service

crash

http request

vulnerability

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

Confidence

High

EPSS

0.092

Percentile

94.7%

JSON

The get_real_string function in Monkey HTTP Daemon (monkeyd) 0.8.1 and earlier allows remote attackers to cause a denial of service (crash) via an HTTP request with a sequence of “%” characters and a missing Host field.

Affected configurations

Nvd

Node

monkey-projectmonkeyRange≤0.8.1

monkey-projectmonkeyMatch0.1.1

monkey-projectmonkeyMatch0.5.2

monkey-projectmonkeyMatch0.6.0

monkey-projectmonkeyMatch0.6.1

monkey-projectmonkeyMatch0.6.2

monkey-projectmonkeyMatch0.6.3

monkey-projectmonkeyMatch0.7.0

monkey-projectmonkeyMatch0.7.1

monkey-projectmonkeyMatch0.7.2

monkey-projectmonkeyMatch0.8.0

VendorProductVersionCPE
monkey-projectmonkey*cpe:2.3:a:monkey-project:monkey:*:*:*:*:*:*:*:*
monkey-projectmonkey0.1.1cpe:2.3:a:monkey-project:monkey:0.1.1:*:*:*:*:*:*:*
monkey-projectmonkey0.5.2cpe:2.3:a:monkey-project:monkey:0.5.2:*:*:*:*:*:*:*
monkey-projectmonkey0.6.0cpe:2.3:a:monkey-project:monkey:0.6.0:*:*:*:*:*:*:*
monkey-projectmonkey0.6.1cpe:2.3:a:monkey-project:monkey:0.6.1:*:*:*:*:*:*:*
monkey-projectmonkey0.6.2cpe:2.3:a:monkey-project:monkey:0.6.2:*:*:*:*:*:*:*
monkey-projectmonkey0.6.3cpe:2.3:a:monkey-project:monkey:0.6.3:*:*:*:*:*:*:*
monkey-projectmonkey0.7.0cpe:2.3:a:monkey-project:monkey:0.7.0:*:*:*:*:*:*:*
monkey-projectmonkey0.7.1cpe:2.3:a:monkey-project:monkey:0.7.1:*:*:*:*:*:*:*
monkey-projectmonkey0.7.2cpe:2.3:a:monkey-project:monkey:0.7.2:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
monkey-project	monkey	*	cpe:2.3:a:monkey-project:monkey::::::::
monkey-project	monkey	0.1.1	cpe:2.3:a:monkey-project:monkey:0.1.1:::::::*
monkey-project	monkey	0.5.2	cpe:2.3:a:monkey-project:monkey:0.5.2:::::::*
monkey-project	monkey	0.6.0	cpe:2.3:a:monkey-project:monkey:0.6.0:::::::*
monkey-project	monkey	0.6.1	cpe:2.3:a:monkey-project:monkey:0.6.1:::::::*
monkey-project	monkey	0.6.2	cpe:2.3:a:monkey-project:monkey:0.6.2:::::::*
monkey-project	monkey	0.6.3	cpe:2.3:a:monkey-project:monkey:0.6.3:::::::*
monkey-project	monkey	0.7.0	cpe:2.3:a:monkey-project:monkey:0.7.0:::::::*
monkey-project	monkey	0.7.1	cpe:2.3:a:monkey-project:monkey:0.7.1:::::::*
monkey-project	monkey	0.7.2	cpe:2.3:a:monkey-project:monkey:0.7.2:::::::*

Rows per page:

1-10 of 111

References

aluigi.altervista.org/poc/monkeydos.zip

marc.info/?l=bugtraq&m=107652610506968&w=2

monkeyd.sourceforge.net/

www.osvdb.org/3921

www.securityfocus.com/bid/9642

exchange.xforce.ibmcloud.com/vulnerabilities/15187

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

Confidence

High

EPSS

0.092

Percentile

94.7%

JSON

Related for CVE-2004-0276