Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2003-1083Improper Restriction of Operations within the Bounds of a Memory Buffer in Monit

6 documents5 sources
Severity
10.0CRITICALNVD
EPSS
55.8%
top 1.90%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
2
Tildeslash MonitDebian Monit
Timeline
PublishedDec 31
Latest updateApr 29

Description

Stack-based buffer overflow in Monit 1.4 to 4.1 allows remote attackers to execute arbitrary code via a long HTTP request.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages3 packages

debiandebian/monit< monit 1:4.2.1-1 (bookworm)
Debiantildeslash/monit< 1:4.2.1-1+3
NVDtildeslash/monit17 versions+16

Patches

Patch: secunia.comPatch: security.gentoo.orgPatch: www.securityfocus.com

🔴Vulnerability Details

2
GHSA
GHSA-6p52-6mw3-w4wv: Stack-based buffer overflow in Monit 12022-04-29
OSV
CVE-2003-1083: Stack-based buffer overflow in Monit 12003-12-31

💥Exploits & PoCs

2
Exploit-DB
Monit 4.1 - Remote Buffer Overflow2004-04-09
Exploit-DB
Monit 1.4/2.x/3/4 - 'HTTP Request' Buffer Overrun2003-11-24

📋Vendor Advisories

1
Debian
CVE-2003-1083: monit - Stack-based buffer overflow in Monit 1.4 to 4.1 allows remote attackers to execu...2003
CVE-2003-1083 — Debian Monit vulnerability | cvebase