CVE-2013-2182
NONE EPSS 92.0%
Published Jun 13, 201412y ago · Modified Jun 16, 20262w ago
Published Jun 13, 2014 12y ago
Last Modified Jun 16, 2026 2w ago
Description
The Mandril security plugin in Monkey HTTP Daemon (monkeyd) before 1.5.0 allows remote attackers to bypass access restrictions via a crafted URI, as demonstrated by an encoded forward slash.
Threat Intelligence
EPSS Exploit Probability
92.0% percentile
Exploit & Patch Status
Public Exploit Known
Patch Available
Weaknesses 1
CWE-264
Affected Products 1
| Vendor | Product | Version | Range |
|---|---|---|---|
| monkey-project | monkey | * | ≤1.4.0 |
References 7
- bugs.monkey-project.com http://bugs.monkey-project.com/ticket/186
- osvdb.org http://osvdb.org/94287
- secunia.com http://secunia.com/advisories/53638
- openwall.com http://www.openwall.com/lists/oss-security/2013/06/14/11
- securityfocus.com http://www.securityfocus.com/bid/60569
- github.com https://github.com/monkey/monkey/commit/15f72c1ee5e0afad20232bdf0fcecab8d62a5d89
- github.com https://github.com/monkey/monkey/issues/92
Remediation
- github.com https://github.com/monkey/monkey/commit/15f72c1ee5e0afad20232bdf0fcecab8d62a5d89