CVE-2004-1898

Monit 1.4-4.2 - Stack-Based Buffer Overflow via Long Username

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2004-1898. PoCs published by rtk.

AI-analyzed exploit summary This exploit targets a buffer overflow vulnerability in Monit <= 4.2 by sending a maliciously crafted HTTP request with an overly long Base64-encoded Basic Authentication header. It includes shellcode to spawn a bind shell on port 31337.

Description

Stack-based buffer overflow in the administration interface in Monit 1.4 through 4.2 allows remote attackers to execute arbitrary code via a long username.

Exploits (1)

exploitdb WORKING POC VERIFIED

by rtk · cremotelinux

https://www.exploit-db.com/exploits/580

View Code ZIP pw:eip

This exploit targets a buffer overflow vulnerability in Monit <= 4.2 by sending a maliciously crafted HTTP request with an overly long Base64-encoded Basic Authentication header. It includes shellcode to spawn a bind shell on port 31337.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Monit <= 4.2

No auth needed

Prerequisites: Network access to the target Monit service · Target must be running a vulnerable version of Monit

MITRE ATT&CK