|
|
| |
| Ipswitch WhatsUp Gold is "a Microsoft Windows based network monitoring application". WhatsUp Gold allows attackers to execute arbitrary code under the privileges of the user that instantiated the application. |
| |
Credit:
The information has been provided by iDEFENSE.
The original article can be found at: http://www.idefense.com/application/poi/display?id=133&type=vulnerabilities
|
| |
Vulnerable Systems:
* WhatsUp Gold version 8.03
Immune Systems:
* WhatsUp Gold version 8.03 Hotfix 1
Remote exploitation of a buffer overflow vulnerability in IpSwitch Inc.'s WhatsUp Gold allows attackers to execute arbitrary code under the privileges of the user that instantiated the application.
The problem specifically exists in the _maincfgret.cgi script accessible through the web server installed by WhatsUp Gold. By posting a long string for the value of 'instancename', a buffer overflow occurs allowing an attacker to redirect the flow of control and eventually execute arbitrary code.
Analysis:
Successful exploitation allows remote attackers to execute arbitrary code under the privileges of the user that instantiated the application. The WhatsUp Gold web server is not enabled by default.
Workaround:
Disable the WhatsUp Gold web server if it is not required.
Vendor Status:
The buffer overflow is repaired in WhatsUp Gold, version 8.03 Hotfix 1.
CVE Information:
CAN-2004-0798
|
|
|
|
|
