Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-1084

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2003-1084
Last Modified 05 Sep 2008 04:36:00
Published 24 Nov 2003 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2003-1084

Summary

Monit 1.4 to 4.1 allows remote attackers to cause a denial of service (daemon crash) via an HTTP POST request with a negative Content-Length field.

Vulnerable Systems

Application

  • Tildeslash Monit 1.4

  • Tildeslash Monit 1.4.1

  • Tildeslash Monit 2.0

  • Tildeslash Monit 2.1

  • Tildeslash Monit 2.1.1

  • Tildeslash Monit 2.2

  • Tildeslash Monit 2.2.1

  • Tildeslash Monit 2.3

  • Tildeslash Monit 2.4

  • Tildeslash Monit 2.4.1

  • Tildeslash Monit 2.4.2

  • Tildeslash Monit 2.4.3

  • Tildeslash Monit 3.0

  • Tildeslash Monit 3.1

  • Tildeslash Monit 3.2

  • Tildeslash Monit 4.0

  • Tildeslash Monit 4.1


References

CERT-VN - VU#206382

XF - monit-negative-content-dos(13818)

BID - 9098

BUGTRAQ - 20031124 Monit 4.1 HTTP interface multiple security vulnerabilities

SECUNIA - 10280

CONFIRM - http://www.tildeslash.com/monit/dist/CHANGES.txt

GENTOO - GLSA-200403-14


Last Updated: 27 May 2016 10:38:13