Info

Disclosure

Aug 25, 2004

Discovery

Aug 12, 2004

Dates

Exploit

Oct 03, 2004

Solution

Unknown

Description

A remote overflow exists in WhatsUp Gold. The _maincfgret.cgi script fails to properly bounds check the instancename variable resulting in a buffer overflow. With a specially crafted request, an attacker can potentially execute arbitrary code resulting in a loss of integrity.

Classification

Location: Remote / Network Access
Attack Type: Input Manipulation
Impact: Loss of Integrity
Solution: Upgrade
Exploit: Exploit Public, Exploit Commercial

Solution

Upgrade to version 8.03 Hotfix 1 or higher, as it has been reported to fix this vulnerability. It is also possible to correct the flaw by implementing the following workaround(s): disable the web interface

Products

Ipswitch, Inc.	WhatsUp Gold	4.0
		4.0x
		5.0
		5.0x
		6.0
	WhatsUp Gold	6.0
		6.0x
		7.0
		7.0x
		8.0
		8.01
		8.01 Hotfix 1
		8.03

References

Security Tracker: 1011064
Secunia Advisory ID: 12384
ISS X-Force ID: 17111
CVE ID: 2004-0798 (see also: NVD)
Milw0rm: 566
Exploit Database: 566
Metasploit ID: 9177
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2004-10/0022.html
Other Advisory URL: http://www.idefense.com/application/poi/display?id=133&type=vulnerabilities
Vendor URL: http://www.ipswitch.com/
Generic Exploit URL: http://www.saintcorporation.com/cgi-bin/exploit_info/whatsup_gold_instancename

Credit

Unknown or Incomplete

Direct URL: http://osvdb.org/9177

Info

Disclosure

Discovery

Dates

Exploit

Solution

Description

Classification

Solution

Products

Ipswitch, Inc.

WhatsUp Gold

WhatsUp Gold

References

Credit