Lucene search

[email protected]NVD:CVE-2013-2182

HistoryJun 13, 2014 - 2:55 p.m.

CVE-2013-2182

2014-06-1314:55:12

CWE-264

[email protected]

web.nvd.nist.gov

CVSS2

5.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

AI Score

6.6

Confidence

Low

EPSS

0.074

Percentile

94.2%

JSON

The Mandril security plugin in Monkey HTTP Daemon (monkeyd) before 1.5.0 allows remote attackers to bypass access restrictions via a crafted URI, as demonstrated by an encoded forward slash.

Affected configurations

Nvd

Node

monkey-projectmonkeyRange≤1.4.0

VendorProductVersionCPE
monkey-projectmonkey*cpe:2.3:a:monkey-project:monkey:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
monkey-project	monkey	*	cpe:2.3:a:monkey-project:monkey::::::::

References

bugs.monkey-project.com/ticket/186

osvdb.org/94287

secunia.com/advisories/53638

www.openwall.com/lists/oss-security/2013/06/14/11

www.securityfocus.com/bid/60569

github.com/monkey/monkey/commit/15f72c1ee5e0afad20232bdf0fcecab8d62a5d89

github.com/monkey/monkey/issues/92

CVSS2

5.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

AI Score

6.6

Confidence

Low

EPSS

0.074

Percentile

94.2%

JSON

Related for NVD:CVE-2013-2182

ubuntucve1 prion1 exploitdb1 cve1 cvelist1