Vulnerabilities > CVE-2003-1083 - Buffer Overrun vulnerability in Monit Overly Long HTTP Request

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

network

low complexity

critical

nessus

exploit available

NVD

Published: 2003-12-31

Updated: 2017-07-11

Summary

Stack-based buffer overflow in Monit 1.4 to 4.1 allows remote attackers to execute arbitrary code via a long HTTP request.

Part	Description	Count
Application	Tildeslash Tildeslash Monit 1.4 Tildeslash Monit 1.4.1 Tildeslash Monit 2.0 Tildeslash Monit 2.1 Tildeslash Monit 2.1.1 Tildeslash Monit 2.2 Tildeslash Monit 2.2.1 Tildeslash Monit 2.3 Tildeslash Monit 2.4 Tildeslash Monit 2.4.1 Tildeslash Monit 2.4.2 Tildeslash Monit 2.4.3 Tildeslash Monit 3.0 Tildeslash Monit 3.1 Tildeslash Monit 3.2 Tildeslash Monit 4.0 Tildeslash Monit 4.1	17

description	Monit <= 4.1 Remote Root Buffer Overflow Exploit. CVE-2003-1083. Remote exploit for linux platform
id	EDB-ID:173
last seen	2016-01-31
modified	2004-04-09
published	2004-04-09
reporter	gsicht
source	https://www.exploit-db.com/download/173/
title	Monit <= 4.1 - Remote Root Buffer Overflow Exploit

description	Monit 1.4/2.x/3/4 Overly Long HTTP Request Buffer Overrun Vulnerability. CVE-2003-1083. Remote exploit for linux platform
id	EDB-ID:23397
last seen	2016-02-02
modified	2003-11-24
published	2003-11-24
reporter	Shadowinteger
source	https://www.exploit-db.com/download/23397/
title	Monit 1.4/2.x/3/4 Overly Long HTTP Request Buffer Overrun Vulnerability

NASL family	Gentoo Local Security Checks
NASL id	GENTOO_GLSA-200403-14.NASL
description	The remote host is affected by the vulnerability described in GLSA-200403-14 (Multiple Security Vulnerabilities in Monit) A denial of service may occur due to Monit not sanitizing remotely supplied HTTP parameters before passing them to memory allocation functions. This could allow an attacker to cause an unexpected condition that could lead to the Monit daemon crashing. An overly long http request method may cause a buffer overflow due to Monit performing insufficient bounds checking when handling HTTP requests. Impact : An attacker may crash the Monit daemon to create a denial of service condition or cause a buffer overflow that would allow arbitrary code to be executed with root privileges. Workaround : A workaround is not currently known for this issue. All users are advised to upgrade to the latest version of the affected package.
last seen	2020-06-01
modified	2020-06-02
plugin id	14465
published	2004-08-30
reporter	This script is Copyright (C) 2004-2019 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/14465
title	GLSA-200403-14 : Multiple Security Vulnerabilities in Monit