ID CVE-2004-0798
Summary Buffer overflow in the _maincfgret.cgi script for Ipswitch WhatsUp Gold before 8.03 Hotfix 1 allows remote attackers to execute arbitrary code via a long instancename parameter.
References
Vulnerable Configurations
  • cpe:2.3:a:ipswitch:whatsup_gold:7.0:*:*:*:*:*:*:*
    cpe:2.3:a:ipswitch:whatsup_gold:7.0:*:*:*:*:*:*:*
  • cpe:2.3:a:ipswitch:whatsup_gold:7.03:*:*:*:*:*:*:*
    cpe:2.3:a:ipswitch:whatsup_gold:7.03:*:*:*:*:*:*:*
  • cpe:2.3:a:ipswitch:whatsup_gold:7.04:*:*:*:*:*:*:*
    cpe:2.3:a:ipswitch:whatsup_gold:7.04:*:*:*:*:*:*:*
  • cpe:2.3:a:ipswitch:whatsup_gold:8.0:*:*:*:*:*:*:*
    cpe:2.3:a:ipswitch:whatsup_gold:8.0:*:*:*:*:*:*:*
  • cpe:2.3:a:ipswitch:whatsup_gold:8.01:*:*:*:*:*:*:*
    cpe:2.3:a:ipswitch:whatsup_gold:8.01:*:*:*:*:*:*:*
  • cpe:2.3:a:ipswitch:whatsup_gold:8.03:*:*:*:*:*:*:*
    cpe:2.3:a:ipswitch:whatsup_gold:8.03:*:*:*:*:*:*:*
CVSS
Base: 7.5 (as of 05-10-2017 - 01:29)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:P
refmap via4
bid 11043
exploit-db 566
idefense 20040825 Ipswitch WhatsUp Gold Remote Buffer Overflow Vulnerability
misc http://www.ipswitch.com/Support/WhatsUp/patch-upgrades.html
xf whatsup-maincfgret-bo(17111)
saint via4
bid 11043
description WhatsUp Gold _maincfgret.cgi instancename buffer overflow
id web_tool_whatsup
osvdb 9177
title whatsup_gold_instancename
type remote
Last major update 05-10-2017 - 01:29
Published 20-10-2004 - 04:00
Last modified 05-10-2017 - 01:29
Back to Top