漏洞信息详情
Monit过度超长请求HTTP请求缓冲区泛滥漏洞
- CNNVD编号:CNNVD-200312-348
- 危害等级: 超危
![图片[1]-Monit过度超长请求HTTP请求缓冲区泛滥漏洞-一一网](https://www.proyy.com/skycj/data/images/2021-05-17/c4e67a37c54aee8c0e1983d8333a9158.png)
- CVE编号:
CVE-2003-1083
- 漏洞类型:
缓冲区溢出
- 发布时间:
2003-12-31
- 威胁类型:
远程
- 更新时间:
2005-10-20
- 厂 商:
tildeslash - 漏洞来源:
The discovery of t… -
漏洞简介
Monit 1.4版本到4.1版本存在基于堆的缓冲区溢出漏洞。远程攻击者可以借助超长HTTP请求执行任意代码。
漏洞公告
The vendor has release Monit 4.1.1 to address this issue in affected versions. Users are advised to upgrade to the latest version as soon as possible.
Gentoo has released an advisory GLSA 200403-14 to address this and another issue in Monit. Please see the referenced advisory for more information. Gentoo users may carry out the following commands to upgrade to Monit version 4.2:
# emerge sync
# emerge -pv “>=app-admin/monit-4.2”
# emerge “>=app-admin/monit-4.2”
TildeSlash Monit 1.4
-
TildeSlash Monit 4.1.1
http://www.tildeslash.com/monit/dist/monit-4.1.1.tar.gz
TildeSlash Monit 1.4.1
-
TildeSlash Monit 4.1.1
http://www.tildeslash.com/monit/dist/monit-4.1.1.tar.gz
TildeSlash Monit 2.0
-
TildeSlash Monit 4.1.1
http://www.tildeslash.com/monit/dist/monit-4.1.1.tar.gz
TildeSlash Monit 2.1
-
TildeSlash Monit 4.1.1
http://www.tildeslash.com/monit/dist/monit-4.1.1.tar.gz
TildeSlash Monit 2.1.1
-
TildeSlash Monit 4.1.1
http://www.tildeslash.com/monit/dist/monit-4.1.1.tar.gz
TildeSlash Monit 2.2
-
TildeSlash Monit 4.1.1
http://www.tildeslash.com/monit/dist/monit-4.1.1.tar.gz
TildeSlash Monit 2.2.1
-
TildeSlash Monit 4.1.1
http://www.tildeslash.com/monit/dist/monit-4.1.1.tar.gz
TildeSlash Monit 2.3
-
TildeSlash Monit 4.1.1
http://www.tildeslash.com/monit/dist/monit-4.1.1.tar.gz
TildeSlash Monit 2.4
-
TildeSlash Monit 4.1.1
http://www.tildeslash.com/monit/dist/monit-4.1.1.tar.gz
TildeSlash Monit 2.4.1
-
TildeSlash Monit 4.1.1
http://www.tildeslash.com/monit/dist/monit-4.1.1.tar.gz
TildeSlash Monit 2.4.2
-
TildeSlash Monit 4.1.1
http://www.tildeslash.com/monit/dist/monit-4.1.1.tar.gz
TildeSlash Monit 2.4.3
-
TildeSlash Monit 4.1.1
http://www.tildeslash.com/monit/dist/monit-4.1.1.tar.gz
TildeSlash Monit 3.0
-
TildeSlash Monit 4.1.1
http://www.tildeslash.com/monit/dist/monit-4.1.1.tar.gz
TildeSlash Monit 3.1
-
TildeSlash Monit 4.1.1
http://www.tildeslash.com/monit/dist/monit-4.1.1.tar.gz
TildeSlash Monit 3.2
-
TildeSlash Monit 4.1.1
http://www.tildeslash.com/monit/dist/monit-4.1.1.tar.gz
TildeSlash Monit 4.0
-
TildeSlash Monit 4.1.1
http://www.tildeslash.com/monit/dist/monit-4.1.1.tar.gz
TildeSlash Monit 4.1
-
TildeSlash Monit 4.1.1
http://www.tildeslash.com/monit/dist/monit-4.1.1.tar.gz
参考网址
来源:US-CERT Vulnerability Note: VU#623854
名称: VU#623854
链接:http://www.kb.cert.org/vuls/id/623854
来源: XF
名称: monit-http-bo(13817)
链接:http://xforce.iss.net/xforce/xfdb/13817
来源: BID
名称: 9099
链接:http://www.securityfocus.com/bid/9099
来源: GENTOO
名称: GLSA-200403-14
链接:http://security.gentoo.org/glsa/glsa-200403-14.xml
来源: SECUNIA
名称: 10280
链接:http://secunia.com/advisories/10280
来源: www.tildeslash.com
链接:http://www.tildeslash.com/monit/dist/CHANGES.txt
来源: BUGTRAQ
名称: 20031124 Monit 4.1 HTTP interface multiple security vulnerabilities
链接:http://www.securityfocus.com/archive/1/345417
![[桜井宁宁]COS和泉纱雾超可爱写真福利集-一一网](https://www.proyy.com/skycj/data/images/2020-12-13/4d3cf227a85d7e79f5d6b4efb6bde3e8.jpg)
![[桜井宁宁] 爆乳奶牛少女cos写真-一一网](https://www.proyy.com/skycj/data/images/2020-12-13/d40483e126fcf567894e89c65eaca655.jpg)
