A remote overflow exists in WhatsUp Gold. The _maincfgret.cgi script fails to properly bounds check the instancename variable resulting in a buffer overflow. With a specially crafted request, an attacker can potentially execute arbitrary code resulting in a loss of integrity.

Upgrade to version 8.03 Hotfix 1 or higher, as it has been reported to fix this vulnerability. It is also possible to correct the flaw by implementing the following workaround(s): disable the web interface

• Security Tracker: 1011064
• Secunia Advisory ID: 12384
• ISS X-Force ID: 17111
• CVE ID: 2004-0798 (see also: NVD)
• Milw0rm: 566
• Exploit Database: 566
• Metasploit ID: 9177
• Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2004-10/0022.html
• Other Advisory URL: http://www.idefense.com/application/poi/display?id=133&type=vulnerabilities
• Vendor URL: http://www.ipswitch.com/
• Generic Exploit URL: http://www.saintcorporation.com/cgi-bin/exploit_info/whatsup_gold_instancename

• Anonymous - iDefense Labs VCP