CVSS: 5.0EPSS: 0%CPEs: 7EXPL: 0CVE-2004-0799
https://notcve.org/view.php?id=CVE-2004-0799
The HTTP daemon in Ipswitch WhatsUp Gold 8.03 and 8.03 Hotfix 1 allows remote attackers to cause a denial of service (server crash) via a GET request containing an MS-DOS device name, as demonstrated using "prn.htm". El demonio HTTP de Ipswitch WhatsUp Gold 8,03 y 8.03 Hotfix 1 permite a atacantes remotos causar una denegación de servicio (caída del servidor) mediante una petición GET conteniendo un nombre de dispositivo MS-DOS, como se ha demostrado usando "prn.htm". • http://www.idefense.com/application/poi/display?id=142&type=vulnerabilities http://www.ipswitch.com/Support/WhatsUp/patch-upgrades.html https://exchange.xforce.ibmcloud.com/vulnerabilities/17418 •
CVSS: 7.5EPSS: 81%CPEs: 6EXPL: 3CVE-2004-0798 – Ipswitch WhatsUp Gold 8.03 Buffer Overflow
https://notcve.org/view.php?id=CVE-2004-0798
Buffer overflow in the _maincfgret.cgi script for Ipswitch WhatsUp Gold before 8.03 Hotfix 1 allows remote attackers to execute arbitrary code via a long instancename parameter. Desbordamiento de búfer en el script _maincfgret.cgi de Ipswithc WhatsUp Gold anteriores a 8.03 Hotfix 1 permite a atacantes remotos ejecutar código de su elección mediante un parámetro instancename largo. • https://www.exploit-db.com/exploits/566 https://www.exploit-db.com/exploits/16787 http://www.idefense.com/application/poi/display?type=vulnerabilities http://www.ipswitch.com/Support/WhatsUp/patch-upgrades.html http://www.securityfocus.com/bid/11043 https://exchange.xforce.ibmcloud.com/vulnerabilities/17111 https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/http/ipswitch_wug_maincfgret.rb •