244 matches found
Debian DLA-2855-1 : monit - LTS security update
The remote Debian 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-2855 advisory. Two vulnerabilities were fixed in monit, a utility for monitoring and managing Unix systems. CVE-2019-11454 Persistent cross-site scripting in http/cervlet.c...
DLA-2855-1 monit - security update
Bulletin has no description...
PT-2022-6875 · Tildeslash +4 · Tildeslash Monit +4
Name of the Vulnerable Software and Affected Versions: Tildeslash Monit versions prior to 5.31.0 Description: An issue in Tildeslash Monit allows remote attackers to gain escalated privileges due to improper PAM-authorization. The vulnerability is related to the PAMcheckPasswd function, which has...
USN-4860-1: Monit vulnerabilities
Zack Flack discovered that Monit incorrectly handled certain input. A remote authenticated user could exploit this to conduct cross-site scripting XSS attacks. CVE-2019-11454 Zack Flack discovered a buffer overread when Monit decoded certain crafted URLs. An attacker could exploit this to...
M/Monit 3.7.4 Privilege Escalation
Title: M/Monit 3.7.4 - Privilege Escalation Author: Dolev Farhi Date: 2020-07-09 Vendor Homepage: https://mmonit.com/ Version : 3.7.4 import sys import requests url = 'http://youriphere:8080' username = 'test' password = 'test123' sess = requests.Session sess.gethost def login: print'Attempting t...
M/Monit 3.7.4 - Privilege Escalation
Title: M/Monit 3.7.4 - Privilege Escalation Author: Dolev Farhi Date: 2020-07-09 Vendor Homepage: https://mmonit.com/ Version : 3.7.4 import sys import requests url = 'http://youriphere:8080' username = 'test' password = 'test123' sess = requests.Session sess.gethost def login: print'Attempting t...
CVE-2020-16258
Winston 1.5.4 devices make use of a Monit service not managed during the normal user process which is configured with default credentials...
CVE-2020-16258
Winston 1.5.4 devices make use of a Monit service not managed during the normal user process which is configured with default credentials...
Default credentials
Winston 1.5.4 devices make use of a Monit service not managed during the normal user process which is configured with default credentials...
CVE-2020-16258
Winston 1.5.4 devices expose a Monit service that is not managed during the normal user process and is configured with default credentials. This creates a local-access vulnerability with potential partial confidentiality loss and complete availability impact, as indicated by CVSS metrics. The doc...
CVE-2020-16258
Winston 1.5.4 devices make use of a Monit service not managed during the normal user process which is configured with default credentials...
The vulnerability of the Monit process management and monitoring tool relates to the lack of measures taken to protect the structure of web pages, allowing attackers to trigger a service failure.
The vulnerability of the Monit process management and monitoring tool is related to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability allows a remote attacker to perform cross-site scripting attacks...
The vulnerability of the Util_urlDecode method implementation in the Monit management and monitoring utilities allows a perpetrator to trigger a service failure.
The vulnerability of the UtilurlDecode method in the Monit utility for managing and monitoring processes, programs, files, and directories is related to the execution of operations outside of the buffer in memory. Exploiting this vulnerability could allow a malicious actor to cause service failur...
Monit Default Credentials (HTTP)
Monit use the default credentials in a configuration file. Copyright C 2020 Greenbone Networks GmbH SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software...
Fedora: Security Advisory for monit (FEDORA-2020-f70cd7c24b)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
[SECURITY] Fedora 32 Update: monit-5.26.0-1.fc32
monit is a utility for managing and monitoring, processes, files, directori es and devices on a UNIX system. Monit conducts automatic maintenance and repa ir and can execute meaningful causal actions in error situations...
Fedora: Security Advisory for monit (FEDORA-2020-9c19202d55)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora 31 : monit (2020-9c19202d55)
Update to 5.26.0 includes security fix for CVE-2019-11454 and CVE-2019-11455 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without...
[SECURITY] Fedora 31 Update: monit-5.26.0-1.fc31
monit is a utility for managing and monitoring, processes, files, directori es and devices on a UNIX system. Monit conducts automatic maintenance and repa ir and can execute meaningful causal actions in error situations...
PT-2026-5159
Name of the Vulnerable Software and Affected Versions M/Monit version 3.7.4 Description An authentication issue exists that allows authenticated attackers to retrieve user password hashes. Attackers can send requests to the /api/1/admin/users/list and /api/1/admin/users/get API endpoints to extra...