|
Family: CGI abuses --> Category: mixed
Monkey HTTP Daemon < 0.9.1 Multiple Vulnerabilities Vulnerability Scan
Vulnerability Scan Summary Checks for multiple vulnerabilities in Monkey HTTP Daemon < 0.9.1
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote web server is affected by multiple vulnerabilities.
Description :
The version of the Monkey HTTP Server installed on the remote host
suffers from the following flaws :
- A Format String Vulnerability
A remote attacker may be able to execute arbitrary code with the
permissions of the user running monkeyd by sending a specially-
crafted request.
- A Denial of Service Vulnerability
Repeatedly requesting a zero-byte length file, if one exists,
could cause the web server to crash.
See also :
http://bugs.gentoo.org/show_bug.cgi?id=87916
Solution :
Upgrade to monkeyd 0.9.1 or later.
Threat Level:
High / CVSS Base Score : 7
(AV:R/AC:L/Au:NR/C:P/A:P/I:P/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|