Administration interface in Monit 1.4 through 4.2 allows remote attackers to cause a denial of service (segmentation fault) by sending a Basic Authentication request without a password, which causes Monit to decrement a null pointer and perform an out-of-bounds read.
https://exchange.xforce.ibmcloud.com/vulnerabilities/15734
http://www.tildeslash.com/monit/secadv_20040305.txt
http://www.tildeslash.com/monit/changes.html