var-200410-0022
Vulnerability from variot
Buffer overflow in the _maincfgret.cgi script for Ipswitch WhatsUp Gold before 8.03 Hotfix 1 allows remote attackers to execute arbitrary code via a long instancename parameter.
Ipswitch WhatsUp Gold is affected by a remote buffer-overflow vulnerability because the application fails to properly validate user-supplied string lengths before copying them into static process buffers. An attacker might leverage this issue to execute arbitrary code on the affected computer with the privileges of the user that started the vulnerable application.
The software supports the performance management of networks, servers, virtual environments and applications. The _maincfgret.cgi program of WhatsUp Gold does not correctly check and filter the instancename parameter submitted by the user.
I. BACKGROUND
Ipswitch WhatsUp Gold is a Microsoft Windows based network monitoring application. More information is available at:
http://www.Ipswitch.com/products/whatsup/index.html
II.
The problem specifically exists in the _maincfgret.cgi script accessible through the web server installed by WhatsUp Gold.
III.
The WhatsUp Gold web server is not enabled by default.
IV. DETECTION
iDEFENSE has confirmed the existence of this vulnerability against WhatsUp Gold version 8.03. iDEFENSE has confirmed that the latest version of WhatsUp Gold, version 8.03 Hotfix 1, is not vulnerable.
V. WORKAROUND
Disable the WhatsUp Gold web server if it is not required.
VI.
VII. CVE INFORMATION
The Common Vulnerabilities and Exposures (CVE) project has assigned the name CAN-2004-0798 to this issue. This is a candidate for inclusion in the CVE list (http://cve.mitre.org), which standardizes names for security problems.
VIII. DISCLOSURE TIMELINE
08/12/2004 Initial vendor notification
08/12/2004 iDEFENSE clients notified
08/12/2004 Initial vendor response
08/25/2004 Public disclosure
IX. CREDIT
The discoverer wishes to remain anonymous.
Get paid for vulnerability research http://www.idefense.com/poi/teams/vcp.jsp
X. LEGAL NOTICES
Copyright (c) 2004 iDEFENSE, Inc.
Permission is granted for the redistribution of this alert electronically. It may not be edited in any way without the express written consent of iDEFENSE. If you wish to reprint the whole or any part of this alert in any other medium other than electronically, please email customerservice@idefense.com for permission.
Disclaimer: The information in the advisory is believed to be accurate at the time of publishing based on currently available information. Use of the information constitutes acceptance for use in an AS IS condition. There are no warranties with regard to this information. Neither the author nor the publisher accepts any liability for any direct, indirect, or consequential loss or damage arising from use of, or reliance on, this information.