monit negative Content-Length denial of service
| monit-negative-content-dos (13818) |  Medium Risk |
Description:
monit is vulnerable to a denial of service. A remote attacker could send a request with a negative Content-Length value to monit to cause the tool to crash.
Consequences:
Denial of Service
Remedy:
Upgrade to the latest version of monit (4.1.1 or later), available from the monit Web site. See References.
For Gentoo Linux:
Upgrade to the latest version of monit (4.2 or later), as listed in GLSA 200403-14. See References.
For other distributions:
Contact your vendor for upgrade or patch information.
References:
- Full-Disclosure Mailing List, Mon Nov 24 2003 - 07:20:19 CST: Monit 4.1 HTTP interface multiple security vulnerabilities .
- GLSA 200403-14: Multiple Security Vulnerabilities in Monit. (From LinuxSecurity archive)
- monit Web site: Index of /monit/dist.
- BID-9098: Monit HTTP Content-Length Parameter Denial of Service Vulnerability
- CVE-2003-1084: Monit 1.4 to 4.1 allows remote attackers to cause a denial of service (daemon crash) via an HTTP POST request with a negative Content-Length field.
- GLSA-200403-14: Multiple Security Vulnerabilities in Monit
- SA10280: Monit HTTP Request Handling Vulnerabilities
- US-CERT VU#206382: Monit fails to properly handle overly long HTTP requests
Platforms Affected:
- Gentoo Linux
- tildeslash monit 4.1
Reported:
Nov 24, 2003
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email xforce@iss.net