CVE-2004-1897

Monit 1.4-4.2 - Denial of Service via Basic Authentication Request Without Password

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2004-1897. PoCs published by Abhisek Datta.

AI-analyzed exploit summary This exploit targets a buffer overflow vulnerability in Monit <= 4.2 by sending a maliciously crafted HTTP request with an overly long Base64-encoded Basic Authentication header. The payload includes shellcode to spawn a bind shell on port 31337.

Description

Administration interface in Monit 1.4 through 4.2 allows remote attackers to cause a denial of service (segmentation fault) by sending a Basic Authentication request without a password, which causes Monit to decrement a null pointer and perform an out-of-bounds read.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Abhisek Datta · cremotelinux

https://www.exploit-db.com/exploits/174

View Code ZIP pw:eip

This exploit targets a buffer overflow vulnerability in Monit <= 4.2 by sending a maliciously crafted HTTP request with an overly long Base64-encoded Basic Authentication header. The payload includes shellcode to spawn a bind shell on port 31337.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Monit <= 4.2

No auth needed

Prerequisites: Network access to the Monit service · Monit service running with vulnerable version

MITRE ATT&CK