Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-1122

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2005-1122
Last Modified 24 Oct 2012 12:00:00
Published 14 Apr 2005 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-1122

Summary

Format string vulnerability in cgi.c for Monkey daemon (monkeyd) before 0.9.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an HTTP GET request containing double-encoded format string specifiers (aka "double expansion error").

Vulnerable Systems

Application

  • Monkey Http Daemon 0.1.4

  • Monkey Http Daemon 0.4

  • Monkey Http Daemon 0.4.1

  • Monkey Http Daemon 0.4.2

  • Monkey Http Daemon 0.5

  • Monkey Http Daemon 0.5.1

  • Monkey Http Daemon 0.6

  • Monkey Http Daemon 0.6.1

  • Monkey Http Daemon 0.6.2

  • Monkey Http Daemon 0.6.3

  • Monkey Http Daemon 0.7.0

  • Monkey Http Daemon 0.7.1

  • Monkey Http Daemon 0.7.2

  • Monkey Http Daemon 0.8

  • Monkey Http Daemon 0.8.1

  • Monkey Http Daemon 0.8.2

  • Monkey Http Daemon 0.9.0

  • Monkey-project Monkey Http Daemon 0.1.1

  • Monkey-project Monkey Http Daemon 0.5.2

  • Monkey-project Monkey Http Daemon 0.6.0

  • Monkey-project Monkey Http Daemon 0.6.1

  • Monkey-project Monkey Http Daemon 0.6.2

  • Monkey-project Monkey Http Daemon 0.6.3

  • Monkey-project Monkey Http Daemon 0.7.0

  • Monkey-project Monkey Http Daemon 0.7.1

  • Monkey-project Monkey Http Daemon 0.7.2

  • Monkey-project Monkey Http Daemon 0.8.0

  • Monkey-project Monkey Http Daemon 0.8.1

  • Monkey-project Monkey Http Daemon 0.8.2

  • Monkey-project Monkey Http Daemon 0.8.3

  • Monkey-project Monkey Http Daemon 0.8.4

  • Monkey-project Monkey Http Daemon 0.8.5

  • Monkey-project Monkey Http Daemon 0.9.0


References

GENTOO - GLSA-200504-14

SECUNIA - 14953

OSVDB - 15511

MISC - http://bugs.gentoo.org/show_bug.cgi?id=87916


Last Updated: 27 May 2016 11:01:16