CyberSec.Space Logo
Back to CVE Browser

CVE-2004-1898

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0960%
EPSS Percentile21.81th
PublishedDec 31, 2004
Last ModifiedApr 16, 2026

Vulnerability Description

Stack-based buffer overflow in the administration interface in Monit 1.4 through 4.2 allows remote attackers to execute arbitrary code via a long username.

Affected Platforms (CPE)

πŸ“¦
Tildeslash

Monit

= 1.4
πŸ“¦
Tildeslash

Monit

= 3.0
πŸ“¦
Tildeslash

Monit

= 3.1
πŸ“¦
Tildeslash

Monit

= 3.2
πŸ“¦
Tildeslash

Monit

= 4.0
πŸ“¦
Tildeslash

Monit

= 4.1
πŸ“¦
Tildeslash

Monit

= 4.1.1
πŸ“¦
Tildeslash

Monit

= 4.2
πŸ“¦
Tildeslash

Monit

= 4.3_beta_2

References & Advisories

πŸ”— http://archives.neohapsis.com/archives/vulnwatch/2004-q1/0076.html
πŸ”— http://marc.info/?l=bugtraq&m=108119149103696&w=2
πŸ”— http://secunia.com/advisories/11304
πŸ”— http://www.osvdb.org/4981
πŸ”— http://www.securityfocus.com/bid/10051
πŸ”— http://www.tildeslash.com/monit/changes.html
πŸ”— http://www.tildeslash.com/monit/secadv_20040305.txt
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/15735

Related Vulnerabilities

CVE-2003-108310.0

Stack-based buffer overflow in Monit 1.4 to 4.1 allows remote attackers to execute arbitrary code via a long HTTP request.

CVE-2019-114558.1

A buffer over-read in Util_urlDecode in util.c in Tildeslash Monit before 5.25.3 allows a remote authenticated attacker to retriev...

CVE-2020-162587.1

Winston 1.5.4 devices make use of a Monit service (not managed during the normal user process) which is configured with default cr...

CVE-2016-70676.5

Monit before version 5.20.0 is vulnerable to a cross site request forgery attack. Successful exploitation will enable an attacker ...