CVE-2004-1897 Information

Description

Administration interface in Monit 1.4 through 4.2 allows remote attackers to cause a denial of service (segmentation fault) by sending a Basic Authentication request without a password which causes Monit to decrement a null pointer and perform an out-of-bounds read.

Reference

http://marc.info/?l=bugtraq&m=108119149103696&w=2 http://secunia.com/advisories/11304 http://www.securityfocus.com/bid/10051 http://www.tildeslash.com/monit/changes.html http://www.tildeslash.com/monit/secadv_20040305.txt https://exchange.xforce.ibmcloud.com/vulnerabilities/15734