Vulnerability Note VU#623854

Monit fails to properly handle negative Content-Length fields

Overview

Monit fails to properly handle HTTP requests containing a negative Content-Length field.

I. Description

Monit is a utility to monitor system processes, files, directories, devices, and remote hosts. It provides a web-based interface that can be used to access the Monit server. When processing HTTP requests, Monit fails to properly sanitize the Content-Length field. By supplying a negative value for the Content-Length field of an HTTP request, an unauthenticated, remote attacker could cause the Monit daemon to crash.

II. Impact

A remote, unauthenticated attacker could cause the Monit daemon to crash, resulting in a denial-of-service condition.

III. Solution

Upgrade

Upgrade to Monit version 4.1.1 or later.

Systems Affected

Vendor	Status	Date Notified	Date Updated
Tildeslash	Vulnerable	6-Apr-2004

References

http://www.tildeslash.com/monit/
http://www.tildeslash.com/monit/changes.html
http://www.s-quadra.com/advisories/Adv-20031124.txt
http://www.securityfocus.com/bid/9098
http://forums.gentoo.org/viewtopic.php?t=155764

Credit

This vulnerability was reported by Evgeny Legerov of S-Quadra.

This document was written by Damon Morda.

Other Information

Date Public:	2004-03-31
Date First Published:	2004-04-06
Date Last Updated:	2004-04-06
CERT Advisory:
CVE-ID(s):
NVD-ID(s):
US-CERT Technical Alerts:
Metric:	1.27
Document Revision:	14

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Get Adobe Reader