Vulnerabilities > CVE-2004-1897 - Remote vulnerability in Multiple Monit Administration Interface

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

network

low complexity

tildeslash

exploit available

NVD

Published: 2004-12-31

Updated: 2017-07-11

Summary

Administration interface in Monit 1.4 through 4.2 allows remote attackers to cause a denial of service (segmentation fault) by sending a Basic Authentication request without a password, which causes Monit to decrement a null pointer and perform an out-of-bounds read.

Vulnerable Configurations

Part	Description	Count
Application	Tildeslash Tildeslash Monit 1.4 Tildeslash Monit 3.0 Tildeslash Monit 3.1 Tildeslash Monit 3.2 Tildeslash Monit 4.0 Tildeslash Monit 4.1 Tildeslash Monit 4.1.1 Tildeslash Monit 4.2 Tildeslash Monit 4.3_Beta_2	9

Exploit-Db

description	Monit <= 4.2 Remote Root Buffer Overflow Exploit. CVE-2004-1897. Remote exploit for linux platform
id	EDB-ID:174
last seen	2016-01-31
modified	2004-04-12
published	2004-04-12
reporter	Abhisek Datta
source	https://www.exploit-db.com/download/174/
title	Monit <= 4.2 - Remote Root Buffer Overflow Exploit

Summary

Vulnerable Configurations

Exploit-Db

References