CVE-2004-1898
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
Confidence
High
EPSS
Percentile
96.3%
Stack-based buffer overflow in the administration interface in Monit 1.4 through 4.2 allows remote attackers to execute arbitrary code via a long username.
Affected configurations
| Vendor | Product | Version | CPE |
|---|---|---|---|
| tildeslash | monit | 1.4 | cpe:2.3:a:tildeslash:monit:1.4:*:*:*:*:*:*:* |
| tildeslash | monit | 3.0 | cpe:2.3:a:tildeslash:monit:3.0:*:*:*:*:*:*:* |
| tildeslash | monit | 3.1 | cpe:2.3:a:tildeslash:monit:3.1:*:*:*:*:*:*:* |
| tildeslash | monit | 3.2 | cpe:2.3:a:tildeslash:monit:3.2:*:*:*:*:*:*:* |
| tildeslash | monit | 4.0 | cpe:2.3:a:tildeslash:monit:4.0:*:*:*:*:*:*:* |
| tildeslash | monit | 4.1 | cpe:2.3:a:tildeslash:monit:4.1:*:*:*:*:*:*:* |
| tildeslash | monit | 4.1.1 | cpe:2.3:a:tildeslash:monit:4.1.1:*:*:*:*:*:*:* |
| tildeslash | monit | 4.2 | cpe:2.3:a:tildeslash:monit:4.2:*:*:*:*:*:*:* |
| tildeslash | monit | 4.3_beta_2 | cpe:2.3:a:tildeslash:monit:4.3_beta_2:*:*:*:*:*:*:* |
References
archives.neohapsis.com/archives/vulnwatch/2004-q1/0076.html
marc.info/?l=bugtraq&m=108119149103696&w=2
secunia.com/advisories/11304
www.osvdb.org/4981
www.securityfocus.com/bid/10051
www.tildeslash.com/monit/changes.html
www.tildeslash.com/monit/secadv_20040305.txt
exchange.xforce.ibmcloud.com/vulnerabilities/15735
Related
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
Confidence
High
EPSS
Percentile
96.3%