Lucene search
K

244 matches found

Tenable Nessus
Tenable Nessus
added 2021/12/27 12:0 a.m.28 views

Debian DLA-2855-1 : monit - LTS security update

The remote Debian 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-2855 advisory. Two vulnerabilities were fixed in monit, a utility for monitoring and managing Unix systems. CVE-2019-11454 Persistent cross-site scripting in http/cervlet.c...

8.1CVSS6.7AI score0.03138EPSS
Exploits2References8
OSV
OSV
added 2021/12/27 12:0 a.m.27 views

DLA-2855-1 monit - security update

Bulletin has no description...

8.1CVSS6.8AI score0.03138EPSS
Exploits2
Positive Technologies
Positive Technologies
added 2021/10/19 12:0 a.m.3 views

PT-2022-6875 · Tildeslash +4 · Tildeslash Monit +4

Name of the Vulnerable Software and Affected Versions: Tildeslash Monit versions prior to 5.31.0 Description: An issue in Tildeslash Monit allows remote attackers to gain escalated privileges due to improper PAM-authorization. The vulnerability is related to the PAMcheckPasswd function, which has...

8.8CVSS7.3AI score0.00667EPSS
Exploits0References26
Ubuntu
Ubuntu
added 2021/03/15 10:47 p.m.77 views

USN-4860-1: Monit vulnerabilities

Zack Flack discovered that Monit incorrectly handled certain input. A remote authenticated user could exploit this to conduct cross-site scripting XSS attacks. CVE-2019-11454 Zack Flack discovered a buffer overread when Monit decoded certain crafted URLs. An attacker could exploit this to...

8.1CVSS7.2AI score0.03138EPSS
Exploits2
Packet Storm
Packet Storm
added 2020/11/19 12:0 a.m.841 views

M/Monit 3.7.4 Privilege Escalation

Title: M/Monit 3.7.4 - Privilege Escalation Author: Dolev Farhi Date: 2020-07-09 Vendor Homepage: https://mmonit.com/ Version : 3.7.4 import sys import requests url = 'http://youriphere:8080' username = 'test' password = 'test123' sess = requests.Session sess.gethost def login: print'Attempting t...

0.8AI score
Exploits0
Exploit DB
Exploit DB
added 2020/11/19 12:0 a.m.868 views

M/Monit 3.7.4 - Privilege Escalation

Title: M/Monit 3.7.4 - Privilege Escalation Author: Dolev Farhi Date: 2020-07-09 Vendor Homepage: https://mmonit.com/ Version : 3.7.4 import sys import requests url = 'http://youriphere:8080' username = 'test' password = 'test123' sess = requests.Session sess.gethost def login: print'Attempting t...

7.4AI score
Exploits0
NVD
NVD
added 2020/10/28 6:15 p.m.11 views

CVE-2020-16258

Winston 1.5.4 devices make use of a Monit service not managed during the normal user process which is configured with default credentials...

7.1CVSS7AI score0.00388EPSS
Exploits1References2
OSV
OSV
added 2020/10/28 6:15 p.m.2 views

CVE-2020-16258

Winston 1.5.4 devices make use of a Monit service not managed during the normal user process which is configured with default credentials...

7.1CVSS5.8AI score0.00388EPSS
Exploits1References2
Prion
Prion
added 2020/10/28 6:15 p.m.16 views

Default credentials

Winston 1.5.4 devices make use of a Monit service not managed during the normal user process which is configured with default credentials...

5.6CVSS7AI score0.00388EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2020/10/28 5:18 p.m.31 views

CVE-2020-16258

Winston 1.5.4 devices expose a Monit service that is not managed during the normal user process and is configured with default credentials. This creates a local-access vulnerability with potential partial confidentiality loss and complete availability impact, as indicated by CVSS metrics. The doc...

7.1CVSS6.9AI score0.00388EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2020/10/28 5:18 p.m.17 views

CVE-2020-16258

Winston 1.5.4 devices make use of a Monit service not managed during the normal user process which is configured with default credentials...

7AI score0.00388EPSS
Exploits1References2
BDU FSTEC
BDU FSTEC
added 2020/04/16 12:0 a.m.6 views

The vulnerability of the Monit process management and monitoring tool relates to the lack of measures taken to protect the structure of web pages, allowing attackers to trigger a service failure.

The vulnerability of the Monit process management and monitoring tool is related to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability allows a remote attacker to perform cross-site scripting attacks...

6.1CVSS6.1AI score0.02414EPSS
Exploits1References8Affected Software4
BDU FSTEC
BDU FSTEC
added 2020/04/16 12:0 a.m.4 views

The vulnerability of the Util_urlDecode method implementation in the Monit management and monitoring utilities allows a perpetrator to trigger a service failure.

The vulnerability of the UtilurlDecode method in the Monit utility for managing and monitoring processes, programs, files, and directories is related to the execution of operations outside of the buffer in memory. Exploiting this vulnerability could allow a malicious actor to cause service failur...

8.5CVSS7.9AI score0.03138EPSS
Exploits1References8Affected Software4
OpenVAS
OpenVAS
added 2020/04/06 12:0 a.m.24 views

Monit Default Credentials (HTTP)

Monit use the default credentials in a configuration file. Copyright C 2020 Greenbone Networks GmbH SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software...

7.3AI score
Exploits0References1
OpenVAS
OpenVAS
added 2020/03/17 12:0 a.m.16 views

Fedora: Security Advisory for monit (FEDORA-2020-f70cd7c24b)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.1CVSS7.2AI score0.03138EPSS
Exploits2References2
Fedora
Fedora
added 2020/03/16 8:47 p.m.35 views

[SECURITY] Fedora 32 Update: monit-5.26.0-1.fc32

monit is a utility for managing and monitoring, processes, files, directori es and devices on a UNIX system. Monit conducts automatic maintenance and repa ir and can execute meaningful causal actions in error situations...

8.1CVSS2.2AI score0.03138EPSS
Exploits2
OpenVAS
OpenVAS
added 2020/03/13 12:0 a.m.21 views

Fedora: Security Advisory for monit (FEDORA-2020-9c19202d55)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.1CVSS7.2AI score0.03138EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2020/03/13 12:0 a.m.24 views

Fedora 31 : monit (2020-9c19202d55)

Update to 5.26.0 includes security fix for CVE-2019-11454 and CVE-2019-11455 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without...

8.1CVSS6.9AI score0.03138EPSS
Exploits2References3
Fedora
Fedora
added 2020/03/12 9:58 p.m.21 views

[SECURITY] Fedora 31 Update: monit-5.26.0-1.fc31

monit is a utility for managing and monitoring, processes, files, directori es and devices on a UNIX system. Monit conducts automatic maintenance and repa ir and can execute meaningful causal actions in error situations...

8.1CVSS2.2AI score0.03138EPSS
Exploits2
Positive Technologies
Positive Technologies
added 2020/01/01 12:0 a.m.6 views

PT-2026-5159

Name of the Vulnerable Software and Affected Versions M/Monit version 3.7.4 Description An authentication issue exists that allows authenticated attackers to retrieve user password hashes. Attackers can send requests to the /api/1/admin/users/list and /api/1/admin/users/get API endpoints to extra...

7.1CVSS5.4AI score0.0042EPSS
Exploits1References11
Rows per page
Query Builder