CyberSec.Space Logo
返回 CVE 浏览器

CVE-2004-1898

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0960%
EPSS Percentile21.81th
Published2004年12月31日
Last Modified2026年4月16日

Vulnerability Description

Stack-based buffer overflow in the administration interface in Monit 1.4 through 4.2 allows remote attackers to execute arbitrary code via a long username.

Affected Platforms (CPE)

📦
Tildeslash

Monit

= 1.4
📦
Tildeslash

Monit

= 3.0
📦
Tildeslash

Monit

= 3.1
📦
Tildeslash

Monit

= 3.2
📦
Tildeslash

Monit

= 4.0
📦
Tildeslash

Monit

= 4.1
📦
Tildeslash

Monit

= 4.1.1
📦
Tildeslash

Monit

= 4.2
📦
Tildeslash

Monit

= 4.3_beta_2

References & Advisories

🔗 http://archives.neohapsis.com/archives/vulnwatch/2004-q1/0076.html
🔗 http://marc.info/?l=bugtraq&m=108119149103696&w=2
🔗 http://secunia.com/advisories/11304
🔗 http://www.osvdb.org/4981
🔗 http://www.securityfocus.com/bid/10051
🔗 http://www.tildeslash.com/monit/changes.html
🔗 http://www.tildeslash.com/monit/secadv_20040305.txt
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/15735

相关漏洞威胁

CVE-2003-108310.0

Stack-based buffer overflow in Monit 1.4 to 4.1 allows remote attackers to execute arbitrary code via a long HTTP request.

CVE-2019-114558.1

A buffer over-read in Util_urlDecode in util.c in Tildeslash Monit before 5.25.3 allows a remote authenticated attacker to retriev...

CVE-2020-162587.1

Winston 1.5.4 devices make use of a Monit service (not managed during the normal user process) which is configured with default cr...

CVE-2016-70676.5

Monit before version 5.20.0 is vulnerable to a cross site request forgery attack. Successful exploitation will enable an attacker ...