Signature Detail
Short Name |
HTTP:WHATSUP:INSTANCENAME-OF |
|---|---|
Severity |
High |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Ipswitch What's Up Gold InstanceName Overflow |
Release Date |
2004/10/06 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
HTTP: Ipswitch What's Up Gold InstanceName Overflow
This signature detects attempts to exploit a known vulnerability in the Web interface of Ipswitch's What's Up Gold, a network monitoring application. Using the application's Web interface, attackers can send a URL request with an overly long InstanceName variable to crash the Web server or run arbitrary code with the privileges of the Web server process.
Extended Description
Ipswitch WhatsUp Gold is affected by a remote buffer-overflow vulnerability because the application fails to properly validate user-supplied string lengths before copying them into static process buffers. An attacker might leverage this issue to execute arbitrary code on the affected computer with the privileges of the user that started the vulnerable application.
Affected Products
- Ipswitch WhatsUp Gold 7.0.0
- Ipswitch WhatsUp Gold 7.0.0 3
- Ipswitch WhatsUp Gold 7.0.0 4
- Ipswitch WhatsUp Gold 8.0.0
- Ipswitch WhatsUp Gold 8.0.0 1
- Ipswitch WhatsUp Gold 8.0.0 3
References
- BugTraq: 11043
- BugTraq: 11109
- CVE: CVE-2004-0798
- URL: http://www.idefense.com/application/poi/display?id=133&type=vulnerabilities&flashstatus=false