QwikSec

Security Database

CVE

CWE

Training

CVE-2019-11455

Published: Apr 22, 2019

Modified: Aug 4, 2024

PUBLISHED

Description

A buffer over-read in Util_urlDecode in util.c in Tildeslash Monit before 5.25.3 allows a remote authenticated attacker to retrieve the contents of adjacent memory via manipulation of GET or POST parameters. The attacker can also cause a denial of service (application outage).

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://bitbucket.org/tildeslash/monit/commits/f12d0cdb42d4e74dffe1525d4062c815c48ac57a

x_refsource_MISC

https://github.com/dzflack/exploits/blob/master/unix/monit_buffer_overread.py

x_refsource_MISC

https://github.com/dzflack/exploits/blob/master/macos/monit_dos.py

x_refsource_MISC

[debian-lts-announce] 20190426 [SECURITY] [DLA 1767-1] monit security update

mailing-list

x_refsource_MLIST

vendor-advisory

x_refsource_UBUNTU

FEDORA-2020-9c19202d55

vendor-advisory

x_refsource_FEDORA

FEDORA-2020-f70cd7c24b

vendor-advisory

x_refsource_FEDORA

[debian-lts-announce] 20211227 [SECURITY] [DLA 2855-1] monit security update

mailing-list

x_refsource_MLIST

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.