Vulnerability Scanning Solutions, LLC.
Our Process
What We Scan For
Sample Report
Client List
Contact Us
What We Scan For
Family: Gentoo Local Security Checks --> Category: infos

[GLSA-200403-14] Multiple Security Vulnerabilities in Monit Vulnerability Scan

Vulnerability Scan Summary
Multiple Security Vulnerabilities in Monit

Detailed Explanation for this Vulnerability Test
The remote host is affected by the vulnerability described in GLSA-200403-14
(Multiple Security Vulnerabilities in Monit)

A denial of service may occur due to Monit not sanitizing remotely supplied
HTTP parameters before passing them to memory allocation functions. This
could allow a possible hacker to cause an unexpected condition that could lead to
the Monit daemon crashing.
An overly long http request method may cause a buffer overflow due to Monit
performing insufficient bounds checking when handling HTTP requests.


A possible hacker may crash the Monit daemon to create a denial of service
condition or cause a buffer overflow that would allow arbitrary code to be
executed with root rights.


A workaround is not currently known for this issue. All users are advised
to upgrade to the latest version of the affected package.


Monit users should upgrade to version 4.2 or later:
# emerge sync
# emerge -pv ">=app-admin/monit-4.2"
# emerge ">=app-admin/monit-4.2"

Threat Level: High

Click HERE for more information and discussions on this network vulnerability scan.


P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.