OpenBSD VuXML: Documenting security issues in the OpenBSD Ports & Packages Collection

monit -- multiple vulnerabilities

Affected packages
monit < 4.2.1

Details

VuXML ID 5b0a3876-8d8e-11d8-9680-00304f19272c
Discovery 2004-04-05
Entry 2004-04-13

Three vulnerabilities were found in Monit during a simple code review. All of the vulnerabilities are in Monit's HTTP/HTTPS administration interfaces, and as such can only be exploited if the interface is enabled and accessible. Two of the vulnerabilities lie in the Basic authentication code, while one vulnerability lies in the processing of POST requests.

References

URL http://marc.theaimsgroup.com/?l=bugtraq&m=108119149103696&w=2
URL http://www.tildeslash.com/monit/secadv_20040305.txt

Copyright © 2003-2005 Jacques Vidrine, Robert Nagy, and contributors.
Please see the source of this document for full copyright information.