Vulnerability Details CVE-2004-0798
Buffer overflow in the _maincfgret.cgi script for Ipswitch WhatsUp Gold before 8.03 Hotfix 1 allows remote attackers to execute arbitrary code via a long instancename parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.644
EPSS Ranking 98.3%
CVSS Severity
CVSS v2 Score 7.5
References
- http://www.idefense.com/application/poi/display?type=vulnerabilities
- http://www.ipswitch.com/Support/WhatsUp/patch-upgrades.html
- http://www.securityfocus.com/bid/11043
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17111
- https://www.exploit-db.com/exploits/566/
- http://www.idefense.com/application/poi/display?type=vulnerabilities
- http://www.ipswitch.com/Support/WhatsUp/patch-upgrades.html
- http://www.securityfocus.com/bid/11043
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17111
- https://www.exploit-db.com/exploits/566/
Products affected by CVE-2004-0798
-
cpe:2.3:a:progress:whatsup_gold:7.0
-
cpe:2.3:a:progress:whatsup_gold:7.03
-
cpe:2.3:a:progress:whatsup_gold:7.04
-
cpe:2.3:a:progress:whatsup_gold:8.0
-
cpe:2.3:a:progress:whatsup_gold:8.01
-
cpe:2.3:a:progress:whatsup_gold:8.03