Vulnerability Scanning Solutions, LLC.
Our Process
What We Scan For
Sample Report
Client List
Contact Us
What We Scan For
Family: Gentoo Local Security Checks --> Category: infos

[GLSA-200404-16] Multiple new security vulnerabilities in monit Vulnerability Scan

Vulnerability Scan Summary
Multiple new security vulnerabilities in monit

Detailed Explanation for this Vulnerability Test
The remote host is affected by the vulnerability described in GLSA-200404-16
(Multiple new security vulnerabilities in monit)

Monit has several vulnerabilities in its HTTP interface : a buffer overflow
vulnerability in the authentication handling code and a off-by-one error in
the POST method handling code.


A possible hacker may exploit the off-by-one error to crash the Monit daemon and
create a denial of service condition, or cause a buffer overflow that would
allow arbitrary code to be executed with root rights.


A workaround is not currently known for this issue. All users are advised
to upgrade to the latest version of the affected package.


Monit users should upgrade to version 4.2.1 or later:
# emerge sync
# emerge -pv ">=app-admin/monit-4.2.1"
# emerge ">=app-admin/monit-4.2.1"

Threat Level: High

Click HERE for more information and discussions on this network vulnerability scan.


P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.