Check Point Advisories

Update Protection against IPSwitch WhatsUp Professional DoS Vulnerability

Check Point Reference: CPAI-2006-038
Date Published: 27 Apr 2006
Severity: Low
Last Updated: Monday 07 May, 2007
Source: FrSIRT/ADV-2006-0704
Industry Reference:CVE-2006-0911
Protection Provided by:
Who is Vulnerable? WhatsUp Professional 2006
Vulnerability Description IPSwitch WhatsUp Professional 2006 is a network management and monitoring tool. A vulnerability has been identified in IPSwitch WhatsUp, which could be exploited by remote attackers to cause a denial of service.
Update/Patch AvaliableNo patch is available at the moment.
Vulnerability DetailsThe flaw is due to an error in the "Login.asp" script that fails to properly handle certain requests. A remote attacker could send a crafted URL to the login.asp to crash the NmService service or consume a large amount of system resources.

Protection Overview

×
  Feedback
This website uses cookies for its functionality and for analytics and marketing purposes. By continuing to use this website, you agree to the use of cookies. For more information, please read our Cookies Notice.
OK