Vulnerability Details : CVE-2004-1898
Stack-based buffer overflow in the administration interface in Monit 1.4 through 4.2 allows remote attackers to execute arbitrary code via a long username.
Vulnerability category: OverflowExecute code
Products affected by CVE-2004-1898
- cpe:2.3:a:tildeslash:monit:1.4:*:*:*:*:*:*:*
- cpe:2.3:a:tildeslash:monit:4.1:*:*:*:*:*:*:*
- cpe:2.3:a:tildeslash:monit:3.0:*:*:*:*:*:*:*
- cpe:2.3:a:tildeslash:monit:3.1:*:*:*:*:*:*:*
- cpe:2.3:a:tildeslash:monit:3.2:*:*:*:*:*:*:*
- cpe:2.3:a:tildeslash:monit:4.0:*:*:*:*:*:*:*
- cpe:2.3:a:tildeslash:monit:4.3_beta_2:*:*:*:*:*:*:*
- cpe:2.3:a:tildeslash:monit:4.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:tildeslash:monit:4.2:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2004-1898
11.14%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 95 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2004-1898
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
10.0
|
HIGH | AV:N/AC:L/Au:N/C:C/I:C/A:C |
10.0
|
10.0
|
NIST |
References for CVE-2004-1898
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/15735
monit off-by-one buffer overflow CVE-2004-1898 Vulnerability Report
-
http://marc.info/?l=bugtraq&m=108119149103696&w=2
'Advisory: Multiple Vulnerabilities in Monit' - MARC
-
http://www.securityfocus.com/bid/10051
Exploit;Patch
Jump to