CVE-2020-36969 M/Monit 3.7.4 - Privilege Escalation

M/Monit 3.7.4 contains a privilege escalation vulnerability that allows authenticated users to modify user permissions by manipulating the admin parameter. Attackers can send a POST request to the /api/1/admin/users/update endpoint with a crafted payload to grant administrative access to a standa...

CVE-2020-36969

Removed by vendor...

CVE-2020-36968

CVE-2020-36968 affects M/Monit 3.7.4. An authentication vulnerability allows authenticated attackers to retrieve user password hashes by calling administrative API endpoints /api/1/admin/users/list and /api/1/admin/users/get, extracting MD5 hashes for all users. Multiple connected sources (Debian...

CVE-2020-36968

Removed by vendor...

CVE-2003-1084

Monit 1.4 to 4.1 allows remote attackers to cause a denial of service daemon crash via an HTTP POST request with a negative Content-Length field...

Monit 4.2 - Remote Buffer Overflow

/ THE EYE ON SECURITY RESEARCH GROUP - INDIA www eos-india net poc 305monit.c Remote Root Exploit for Monit include include include include define BUFFSIZE 2048 define PADDING 40 define EXPSIZE 256+4+PADDING define MAXARCH 2 struct eos char arch; unsigned long ret; targets = "Monit-4.2-Gentoo",...

Monit <= 4.1 Remote Root Buffer Overflow Exploit

Exploit for linux platform in category remote exploits ================================================ Monit \n\n"; exit0; print "HOST:\t$ARGV0\n"; print "PORT:\t2812\n"; my $buffer = "B" x 284 . "\xcf\x89\xb3\x40" . $shellcode; esp mandrake 9.1 my $buffer = "A" x 284 . "XXXX" . "B" x 100; dos a...

Monit 4.1 - Remote Buffer Overflow

Monit 4.1 - Remote Buffer Overflow !/usr/bin/perl monit \n\n"; exit0; print "HOST:\t$ARGV0\n"; print "PORT:\t2812\n"; my $buffer = "B" x 284 . "\xcf\x89\xb3\x40" . $shellcode; esp mandrake 9.1 my $buffer = "A" x 284 . "XXXX" . "B" x 100; dos and debug print "connecting to server...\n"; $socket =...