[UNIX] Monit HTTP Interface Multiple Security Vulnerabilities

From: SecuriTeam (support_at_securiteam.com)
Date: 11/26/03

    To: list@securiteam.com
    Date: 26 Nov 2003 15:24:18 +0200
    
    

    The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
    - - promotion

    The SecuriTeam alerts list - Free, Accurate, Independent.

    Get your security news from a reliable source.
    http://www.securiteam.com/mailinglist.html

    - - - - - - - - -

      Monit HTTP Interface Multiple Security Vulnerabilities
    ------------------------------------------------------------------------

    SUMMARY

    Monit (<http://www.tildeslash.com/monit/>) is "a utility for managing and
    monitoring, processes, files, directories and devices on a UNIX system. It
    conducts automatic maintenance and repair and can execute meaningful
    causal actions in error situations. Monit provides a HTTP(S) interface and
    you can use a browser to access the Monit server".

    Several security vulnerabilities exist in the Monit HTTP interface which,
    in the worst case, could allow an attacker to gain root access to the
    system.

    DETAILS

    Vulnerable systems:
     * Monit version 4.1

    Immune systems:
     * Monit version 4.1.1

    Long HTTP Method Stack Overflow
    By supplying an overly long HTTP request method, an attacker could
    trigger a stack overflow condition which may lead to a remote root
    compromise.

    Denial of Service via Negative Content-Length Field
    By supplying a negative value in the Content-Length header, an attacker
    could cause an xmalloc() failure and kill the Monit daemon.

    Solution:
    S-Quadra alerted the Monit development team to these issues on 21 November
    2003. Monit 4.1.1, which fixes the reported security vulnerabilities, is
    available at <http://www.tildeslash.com/monit/dist/monit-4.1.1.tar.gz>.

    ADDITIONAL INFORMATION

    The information has been provided by S-Quadra Security Research
    (<mailto:e.legerov@s-quadra.com>).

    ========================================

    This bulletin is sent to members of the SecuriTeam mailing list.
    To unsubscribe from the list, send mail with an empty subject line and body to: list-unsubscribe@securiteam.com
    In order to subscribe to the mailing list, simply forward this email to: list-subscribe@securiteam.com

    ====================

    DISCLAIMER:
    The information in this bulletin is provided "AS IS" without warranty of any kind.
    In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.

