CVE request: FD leakage for cgi program on Monkey HTTPD

[Felipe Pena <felipensp () gmail com>]

I've identified a fd leakage when running a program via Monkey HTTPD -
CGI plugin.

By runninng `ls -lah /proc/<pid>/fd/` on the CGI program we can see:

total 0
dr-x------ 2 felipe felipe 0 Jun 14 14:00 .
dr-xr-xr-x 8 felipe felipe 0 Jun 14 14:00 ..
lr-x------ 1 felipe felipe 64 Jun 14 14:00 0 -> pipe:[239545]
l-wx------ 1 felipe felipe 64 Jun 14 14:00 1 -> pipe:[239546]
lrwx------ 1 felipe felipe 64 Jun 14 14:00 10 -> anon_inode:[eventpoll]
lr-x------ 1 felipe felipe 64 Jun 14 14:00 11 -> pipe:[242960]
lrwx------ 1 felipe felipe 64 Jun 14 14:00 12 -> anon_inode:[eventpoll]
lrwx------ 1 felipe felipe 64 Jun 14 14:00 13 -> anon_inode:[eventpoll]
lrwx------ 1 felipe felipe 64 Jun 14 14:00 14 -> anon_inode:[eventpoll]
lrwx------ 1 felipe felipe 64 Jun 14 14:00 15 -> anon_inode:[eventpoll]
lrwx------ 1 felipe felipe 64 Jun 14 14:00 16 -> anon_inode:[eventpoll]
lrwx------ 1 felipe felipe 64 Jun 14 14:00 17 -> anon_inode:[eventpoll]
lrwx------ 1 felipe felipe 64 Jun 14 14:00 18 -> anon_inode:[eventpoll]
lrwx------ 1 felipe felipe 64 Jun 14 14:00 19 -> anon_inode:[eventpoll]
l-wx------ 1 felipe felipe 64 Jun 14 14:00 2 -> /dev/null
lrwx------ 1 felipe felipe 64 Jun 14 14:00 3 -> socket:[240797]
lrwx------ 1 felipe felipe 64 Jun 14 14:00 4 ->
/home/felipe/audit/monkey/monkey/logs/monkey.pid.2001
lr-x------ 1 felipe felipe 64 Jun 14 14:00 5 -> pipe:[240798]
l-wx------ 1 felipe felipe 64 Jun 14 14:00 6 -> pipe:[240798]
lr-x------ 1 felipe felipe 64 Jun 14 14:00 7 -> pipe:[240799]
l-wx------ 1 felipe felipe 64 Jun 14 14:00 8 -> pipe:[240799]
lrwx------ 1 felipe felipe 64 Jun 14 14:00 9 -> socket:[242784]

Hence a malicious program can take control of Monkey HTTP request response
through a network socket related file descriptor, etc.


Report
------
http://bugs.monkey-project.com/ticket/187


CREDITS
-------
Felipe Pena

--
Regards,
Felipe Pena