Published: 20/10/2004 Updated: 05/10/2017

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 760

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Buffer overflow in the _maincfgret.cgi script for Ipswitch WhatsUp Gold prior to 8.03 Hotfix 1 allows remote malicious users to execute arbitrary code via a long instancename parameter.

Vulnerable Product	Search on Vulmon	Subscribe to Product
ipswitch whatsup gold 8.01
ipswitch whatsup gold 8.03
ipswitch whatsup gold 7.04
ipswitch whatsup gold 8.0
ipswitch whatsup gold 7.0
ipswitch whatsup gold 7.03

#!/usr/bin/perl # [LoWNOISE] NotmuchGpl v15 # ================================================ # IPSWITCH WhatsUp Gold ver803 Remote Buffer Overflow Exploit # ================================================ # # Exploit by ET LoWNOISE Colombia # et(at)cyberspaceorg # Oct/2004 # # Tested on WIN2K SP4 # # The exploit takes control by overwri ...

## # $Id: ipswitch_wug_maincfgretrb 9820 2010-07-14 13:59:38Z jduck $ ## ## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions Please see the Metasploit # Framework web site for more information on licensing and terms of use # metasploitcom/framework/ ## require 'msf/core' ...

NVD-CWE-Other http://www.idefense.com/application/poi/display?type=vulnerabilities http://www.ipswitch.com/Support/WhatsUp/patch-upgrades.html http://www.securityfocus.com/bid/11043 https://exchange.xforce.ibmcloud.com/vulnerabilities/17111 https://www.exploit-db.com/exploits/566/https://nvd.nist.gov https://www.exploit-db.com/exploits/566/

CVE-2004-0798

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect