CVE-2014-5336
NONE EPSS 82.4%
Published Aug 26, 201411y ago · Modified Jun 17, 20262w ago
Published Aug 26, 2014 11y ago
Last Modified Jun 17, 2026 2w ago
Description
Monkey HTTP Server before 1.5.3, when the File Descriptor Table (FDT) is enabled and custom error messages are set, allows remote attackers to cause a denial of service (file descriptor consumption) via an HTTP request that triggers an error message.
Threat Intelligence
EPSS Exploit Probability
82.4% percentile
Exploit & Patch Status
Public Exploit Known
Patch Available
Weaknesses 1
CWE-20 Improper Input Validation Validation
Affected Products 56
| Vendor | Product | Version | Range |
|---|---|---|---|
| monkey-project | monkey | * | ≤1.5.2 |
| monkey-project | monkey | 0.1.1 | any |
| monkey-project | monkey | 0.1.4 | any |
| monkey-project | monkey | 0.5.0 | any |
| monkey-project | monkey | 0.5.1 | any |
| monkey-project | monkey | 0.5.2 | any |
| monkey-project | monkey | 0.6.0 | any |
| monkey-project | monkey | 0.6.1 | any |
| monkey-project | monkey | 0.6.2 | any |
| monkey-project | monkey | 0.6.3 | any |
| monkey-project | monkey | 0.7.0 | any |
| monkey-project | monkey | 0.7.1 | any |
| monkey-project | monkey | 0.7.2 | any |
| monkey-project | monkey | 0.8.0 | any |
| monkey-project | monkey | 0.8.1 | any |
| monkey-project | monkey | 0.8.2 | any |
| monkey-project | monkey | 0.8.3 | any |
| monkey-project | monkey | 0.8.4 | any |
| monkey-project | monkey | 0.8.4 | any |
| monkey-project | monkey | 0.8.5 | any |
| monkey-project | monkey | 0.9.0 | any |
| monkey-project | monkey | 0.9.1 | any |
| monkey-project | monkey | 0.9.2 | any |
| monkey-project | monkey | 0.9.3 | any |
| monkey-project | monkey | 0.10.0 | any |
| monkey-project | monkey | 0.10.1 | any |
| monkey-project | monkey | 0.10.2 | any |
| monkey-project | monkey | 0.10.3 | any |
| monkey-project | monkey | 0.11.0 | any |
| monkey-project | monkey | 0.11.1 | any |
| monkey-project | monkey | 0.12.0 | any |
| monkey-project | monkey | 0.12.1 | any |
| monkey-project | monkey | 0.12.2 | any |
| monkey-project | monkey | 0.13.0 | any |
| monkey-project | monkey | 0.13.1 | any |
| monkey-project | monkey | 0.13.2 | any |
| monkey-project | monkey | 0.20.0 | any |
| monkey-project | monkey | 0.20.1 | any |
| monkey-project | monkey | 0.20.2 | any |
| monkey-project | monkey | 0.20.3 | any |
| monkey-project | monkey | 0.21.0 | any |
| monkey-project | monkey | 0.30.0 | any |
| monkey-project | monkey | 0.31.0 | any |
| monkey-project | monkey | 0.32.0 | any |
| monkey-project | monkey | 0.33.0 | any |
| monkey-project | monkey | 1.0.0 | any |
| monkey-project | monkey | 1.0.1 | any |
| monkey-project | monkey | 1.1.0 | any |
| monkey-project | monkey | 1.1.1 | any |
| monkey-project | monkey | 1.2.0 | any |
| monkey-project | monkey | 1.2.1 | any |
| monkey-project | monkey | 1.2.2 | any |
| monkey-project | monkey | 1.4.0 | any |
| monkey-project | monkey | 1.5.0 | any |
| monkey-project | monkey | 1.5.1 | any |
| monkey-project | monkey | 1.5.3 | any |
References 7
- monkey-project.com http://monkey-project.com/Announcements/v1.5.3
- seclists.org http://seclists.org/oss-sec/2014/q3/397
- seclists.org http://seclists.org/oss-sec/2014/q3/412
- secunia.com http://secunia.com/advisories/60783
- securityfocus.com http://www.securityfocus.com/bid/69279
- exchange.xforce.ibmcloud.com https://exchange.xforce.ibmcloud.com/vulnerabilities/95336
- github.com https://github.com/monkey/monkey/commit/b2d0e6f92310bb14a15aa2f8e96e1fb5379776dd
Remediation
- github.com https://github.com/monkey/monkey/commit/b2d0e6f92310bb14a15aa2f8e96e1fb5379776dd