Vulnerabilities > CVE-2004-0798 - Remote Buffer Overflow vulnerability in Ipswitch WhatsUp Gold
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Buffer overflow in the _maincfgret.cgi script for Ipswitch WhatsUp Gold before 8.03 Hotfix 1 allows remote attackers to execute arbitrary code via a long instancename parameter.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 6 |
Exploit-Db
description Ipswitch WhatsUp Gold 8.03 Buffer Overflow. CVE-2004-0798. Remote exploit for windows platform id EDB-ID:16787 last seen 2016-02-02 modified 2010-07-14 published 2010-07-14 reporter metasploit source https://www.exploit-db.com/download/16787/ title Ipswitch WhatsUp Gold 8.03 - Buffer Overflow description IPSwitch WhatsUp Gold 8.03 Remote Buffer Overflow Exploit. CVE-2004-0798. Remote exploit for windows platform file exploits/windows/remote/566.pl id EDB-ID:566 last seen 2016-01-31 modified 2004-10-04 platform windows port 80 published 2004-10-04 reporter LoWNOISE source https://www.exploit-db.com/download/566/ title IPSwitch WhatsUp Gold 8.03 - Remote Buffer Overflow Exploit type remote
Metasploit
description | This module exploits a buffer overflow in IPswitch WhatsUp Gold 8.03. By posting a long string for the value of 'instancename' in the _maincfgret.cgi script an attacker can overflow a buffer and execute arbitrary code on the system. |
id | MSF:EXPLOIT/WINDOWS/HTTP/IPSWITCH_WUG_MAINCFGRET |
last seen | 2020-04-11 |
modified | 2018-08-20 |
published | 2006-11-01 |
references | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0798 |
reporter | Rapid7 |
source | https://github.com/rapid7/metasploit-framework/blob/master//modules/exploits/windows/http/ipswitch_wug_maincfgret.rb |
title | Ipswitch WhatsUp Gold 8.03 Buffer Overflow |
Nessus
NASL family | CGI abuses |
NASL id | MAINCFGRET.NASL |
description | The |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 15564 |
published | 2004-10-25 |
reporter | This script is Copyright (C) 2004-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/15564 |
title | Ipswitch WhatsUp Gold _maincfgret.cgi Remote Overflow |
code |
|
Packetstorm
data source | https://packetstormsecurity.com/files/download/83076/ipswitch_wug_maincfgret.rb.txt |
id | PACKETSTORM:83076 |
last seen | 2016-12-05 |
published | 2009-11-26 |
reporter | MC |
source | https://packetstormsecurity.com/files/83076/Ipswitch-WhatsUp-Gold-8.03-Buffer-Overflow.html |
title | Ipswitch WhatsUp Gold 8.03 Buffer Overflow |
Saint
bid | 11043 |
description | WhatsUp Gold _maincfgret.cgi instancename buffer overflow |
id | web_tool_whatsup |
osvdb | 9177 |
title | whatsup_gold_instancename |
type | remote |