HTTP: Ipswitch What's Up Gold InstanceName Overflow

This signature detects attempts to exploit a known vulnerability in the Web interface of Ipswitch's What's Up Gold, a network monitoring application. Using the application's Web interface, attackers can send a URL request with an overly long InstanceName variable to crash the Web server or run arbitrary code with the privileges of the Web server process.

Extended Description

Ipswitch WhatsUp Gold is affected by a remote buffer-overflow vulnerability because the application fails to properly validate user-supplied string lengths before copying them into static process buffers. An attacker might leverage this issue to execute arbitrary code on the affected computer with the privileges of the user that started the vulnerable application.

Affected Products

Ipswitch whatsup_gold

Short Name
HTTP:WHATSUP:INSTANCENAME-OF
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2004-0798 Gold InstanceName Ipswitch Overflow Up What's bid:11043 bid:11109
Release Date
10/06/2004
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3336
False Positive
Unknown
Vendors

Ipswitch

CVSS Score

7.5

Found a potential security threat?