{
  "id": "CVE-2004-1898",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2004-12-31T05:00:00.000",
  "lastModified": "2024-11-20T23:52:00.400",
  "vulnStatus": "Modified",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Stack-based buffer overflow in the administration interface in Monit 1.4 through 4.2 allows remote attackers to execute arbitrary code via a long username."
    }
  ],
  "metrics": {
    "cvssMetricV2": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "2.0",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "baseScore": 10.0,
          "accessVector": "NETWORK",
          "accessComplexity": "LOW",
          "authentication": "NONE",
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "availabilityImpact": "COMPLETE"
        },
        "baseSeverity": "HIGH",
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "acInsufInfo": false,
        "obtainAllPrivilege": true,
        "obtainUserPrivilege": false,
        "obtainOtherPrivilege": false,
        "userInteractionRequired": false
      }
    ]
  },
  "weaknesses": [
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ]
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:tildeslash:monit:1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "296DFFAB-9402-43F9-9371-65A5F2F62C27"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:tildeslash:monit:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B48FCC46-56B1-4E2C-8605-F55631A38CBC"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:tildeslash:monit:3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F5E7AF2-1704-4316-9DC7-0ABD7D1E8549"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:tildeslash:monit:3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0EA3FD07-57E2-4A44-B9AF-33A499357704"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:tildeslash:monit:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FDFB0D31-D4CE-461C-A26E-22A46BDB3EDB"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:tildeslash:monit:4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E71F5678-B71A-4CE8-9947-CF40CFB0BF16"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:tildeslash:monit:4.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F2F9801-D9DE-4C31-99EC-ABA2E564ACFD"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:tildeslash:monit:4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "542559A8-C439-4C27-BE43-F4C5C8EBD469"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:tildeslash:monit:4.3_beta_2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E20E0F76-CC67-405A-B970-3F0C30E2DC89"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "http://archives.neohapsis.com/archives/vulnwatch/2004-q1/0076.html",
      "source": "cve@mitre.org"
    },
    {
      "url": "http://marc.info/?l=bugtraq&m=108119149103696&w=2",
      "source": "cve@mitre.org"
    },
    {
      "url": "http://secunia.com/advisories/11304",
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ]
    },
    {
      "url": "http://www.osvdb.org/4981",
      "source": "cve@mitre.org"
    },
    {
      "url": "http://www.securityfocus.com/bid/10051",
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Patch"
      ]
    },
    {
      "url": "http://www.tildeslash.com/monit/changes.html",
      "source": "cve@mitre.org"
    },
    {
      "url": "http://www.tildeslash.com/monit/secadv_20040305.txt",
      "source": "cve@mitre.org"
    },
    {
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15735",
      "source": "cve@mitre.org"
    },
    {
      "url": "http://archives.neohapsis.com/archives/vulnwatch/2004-q1/0076.html",
      "source": "af854a3a-2127-422b-91ae-364da2661108"
    },
    {
      "url": "http://marc.info/?l=bugtraq&m=108119149103696&w=2",
      "source": "af854a3a-2127-422b-91ae-364da2661108"
    },
    {
      "url": "http://secunia.com/advisories/11304",
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ]
    },
    {
      "url": "http://www.osvdb.org/4981",
      "source": "af854a3a-2127-422b-91ae-364da2661108"
    },
    {
      "url": "http://www.securityfocus.com/bid/10051",
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Patch"
      ]
    },
    {
      "url": "http://www.tildeslash.com/monit/changes.html",
      "source": "af854a3a-2127-422b-91ae-364da2661108"
    },
    {
      "url": "http://www.tildeslash.com/monit/secadv_20040305.txt",
      "source": "af854a3a-2127-422b-91ae-364da2661108"
    },
    {
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15735",
      "source": "af854a3a-2127-422b-91ae-364da2661108"
    }
  ]
}