Published: 28/02/2006 Updated: 18/10/2018

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 505

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

NmService.exe in Ipswitch WhatsUp Professional 2006 allows remote malicious users to cause a denial of service (CPU consumption) via crafted requests to Login.asp, possibly involving the (1) "In]" and (2) "b;tnLogIn" parameters, or (3) malformed btnLogIn parameters, possibly involving missing "[" (open bracket) or "[" (closing bracket) characters, as demonstrated by "&btnLogIn=[Log&In]=&" or "&b;tnLogIn=[Log&In]=&" in the URL. NOTE: due to the lack of diagnosis by the original researcher, the precise nature of the vulnerability is unclear.

Vulnerable Product	Search on Vulmon	Subscribe to Product
ipswitch whatsup professional_2006

source: wwwsecurityfocuscom/bid/16771/info Ipswitch WhatsUp Professional 2006 is susceptible to a remote denial-of-service vulnerability This issue is due to the application's failure to properly handle certain HTTP GET requests This issue allows remote attackers to consume excessive CPU resources on targeted computers, denying service ...

CWE-399 http://zur.homelinux.com/Advisories/ipswitch_dos.txt http://www.securityfocus.com/bid/16771 http://www.osvdb.org/23494 http://securityreason.com/securityalert/472 http://www.vupen.com/english/advisories/2006/0704 https://exchange.xforce.ibmcloud.com/vulnerabilities/24864 http://www.securityfocus.com/archive/1/425780/100/0/threaded https://nvd.nist.gov https://www.exploit-db.com/exploits/27258/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2006-0911

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect