Ipswitch WhatsUp Professional 2006 - Authentication Bypass

Related Vulnerabilities: CVE-2006-2531  
Publish Date: 17 May 2006
                source: http://www.securityfocus.com/bid/18019/info

Ipswitch WhatsUp Professional 2006 is susceptible to a remote authentication-bypass vulnerability.

This issue allows remote attackers to gain administrative access to the web-based administrative interface of the application. This will aid them in further network attacks.

The HTTP requests containing the following header information are sufficient to demonstrate this issue:

User-Agent: Ipswitch/1.0
User-Application: NmConsole