Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
gentooGentoo FoundationGLSA-201309-17
HistorySep 25, 2013 - 12:00 a.m.

Monkey HTTP Daemon: Multiple vulnerabilities

2013-09-2500:00:00
Gentoo Foundation
security.gentoo.org
14

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

EPSS

0.735

Percentile

98.2%

JSON

Background

Monkey HTTP Daemon is a lightweight and powerful web server for GNU/Linux.

Description

Multiple vulnerabilities have been discovered in Monkey HTTP Daemon. Please review the CVE identifiers referenced below for details.

Impact

A remote attacker could send a specially crafted request, resulting in possible arbitrary code execution or a Denial of Service condition.

Workaround

There is no known workaround at this time.

Resolution

All Monkey HTTP Daemon users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=www-servers/monkeyd-1.2.2"
OSVersionArchitecturePackageVersionFilename
Gentooanyallwww-servers/monkeyd< 1.2.2UNKNOWN

Related

openvas 3
nessus 1
securityvulns 2
packetstorm 3
cvelist 3
checkpoint_advisories 2
nvd 3
ubuntucve 3
prion 3
exploitdb 1
cve 3
metasploit 1
openvas
openvas
Gentoo Security Advisory GLSA 201309-17
2015-09-29 00:00:00
Monkey HTTP Server <= 1.2.0 Host Header Buffer Overflow Vulnerability
2013-06-05 00:00:00
Plesk < 11.0.9 Multiple Vulnerabilities
2013-06-06 00:00:00
nessus
nessus
GLSA-201309-17 : Monkey HTTP Daemon: Multiple vulnerabilities
2013-09-26 00:00:00
securityvulns
securityvulns
Monkey HTTPD security vulnerabilities
2013-06-04 00:00:00
CVE-2013-3843 Monkey HTTPD 1.2.0 - Buffer Overflow DoS Vulnerability With Possible Arbitrary Code Execution
2013-06-04 00:00:00
packetstorm
packetstorm
Monkey HTTPD 1.1.1 Denial Of Service
2013-05-29 00:00:00
Monkey 1.2.0 Buffer Overflow
2013-06-04 00:00:00
Monkey HTTPD Header Parsing Denial of Service (Denial of Service)
2024-08-31 00:00:00
cvelist
cvelist
CVE-2013-3724
2013-07-31 21:00:00
CVE-2013-3843
2014-06-13 14:00:00
CVE-2013-2163
2014-06-13 14:00:00
checkpoint_advisories
checkpoint_advisories
Monkey HTTPD Server Denial of Service - Ver2 (CVE-2013-3724)
2015-05-18 00:00:00
Monkey HTTPD Header Parsing Denial of Service (CVE-2013-3843)
2013-09-01 00:00:00
nvd
nvd
CVE-2013-3724
2013-08-01 13:32:35
CVE-2013-3843
2014-06-13 14:55:12
CVE-2013-2163
2014-06-13 14:55:11
ubuntucve
ubuntucve
CVE-2013-3724
2013-08-01 00:00:00
CVE-2013-3843
2014-06-13 00:00:00
CVE-2013-2163
2014-06-13 00:00:00
prion
prion
Cross site request forgery (csrf)
2013-08-01 13:32:00
Stack overflow
2014-06-13 14:55:00
Design/Logic Flaw
2014-06-13 14:55:00
exploitdb
exploitdb
Monkey HTTPd 1.1.1 - Crash (PoC)
2013-05-30 00:00:00
cve
cve
CVE-2013-3724
2013-08-01 13:32:35
CVE-2013-3843
2014-06-13 14:55:12
CVE-2013-2163
2014-06-13 14:55:11
metasploit
metasploit
Monkey HTTPD Header Parsing Denial of Service (DoS)
2013-06-13 20:56:34

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

EPSS

0.735

Percentile

98.2%

JSON
Related for GLSA-201309-17
openvas3nessus1securityvulns2packetstorm3cvelist3checkpoint_advisories2nvd3ubuntucve3prion3exploitdb1cve3metasploit1