Vulnerability Details CVE-2004-1898
Stack-based buffer overflow in the administration interface in Monit 1.4 through 4.2 allows remote attackers to execute arbitrary code via a long username.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.345
EPSS Ranking 96.8%
CVSS Severity
CVSS v2 Score 10.0
References
- http://archives.neohapsis.com/archives/vulnwatch/2004-q1/0076.html
- http://marc.info/?l=bugtraq&m=108119149103696&w=2
- http://secunia.com/advisories/11304
- http://www.osvdb.org/4981
- http://www.securityfocus.com/bid/10051
- http://www.tildeslash.com/monit/changes.html
- http://www.tildeslash.com/monit/secadv_20040305.txt
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15735
- http://archives.neohapsis.com/archives/vulnwatch/2004-q1/0076.html
- http://marc.info/?l=bugtraq&m=108119149103696&w=2
- http://secunia.com/advisories/11304
- http://www.osvdb.org/4981
- http://www.securityfocus.com/bid/10051
- http://www.tildeslash.com/monit/changes.html
- http://www.tildeslash.com/monit/secadv_20040305.txt
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15735
Products affected by CVE-2004-1898
-
cpe:2.3:a:tildeslash:monit:1.4
-
cpe:2.3:a:tildeslash:monit:3.0
-
cpe:2.3:a:tildeslash:monit:3.1
-
cpe:2.3:a:tildeslash:monit:3.2
-
cpe:2.3:a:tildeslash:monit:4.0
-
cpe:2.3:a:tildeslash:monit:4.1
-
cpe:2.3:a:tildeslash:monit:4.1.1
-
cpe:2.3:a:tildeslash:monit:4.2
-
cpe:2.3:a:tildeslash:monit:4.3_beta_2