Josh Zlatin-Amishav

**Name of the Vulnerable Software and Affected Versions** Ipswitch WhatsUp Professional 2006 **Description** The issue allows remote attackers to cause a denial of service, specifically CPU consumption, via crafted requests to "Login.asp". This may involve the `In` and `btnLogIn` parameters, or malformed `btnLogIn` parameters, possibly due to missing or incorrect bracket characters. Examples of such crafted requests include "&btnLogIn=[Log&In]=&" or "&b;tnLogIn=[Log&In]=&" in the URL. **Recommendations** For Ipswitch WhatsUp Professional 2006, consider restricting access to the "Login.asp" endpoint until a fix is available. As a temporary workaround, avoid using the `btnLogIn` parameter in the affected API endpoint.

**Name of the Vulnerable Software and Affected Versions** MailEnable Professional versions 1.7 and earlier MailEnable Enterprise versions 1.1 and earlier **Description** The issue is related to a denial of service vulnerability in the IMAP service of MailEnable. It occurs when the IMAP server handles the "Rename" command, specifically when attempting to rename non-existent folders. This can cause the service to crash. The estimated number of potentially affected devices is not provided. **Recommendations** For MailEnable Professional version 1.7 and earlier, update to a version that fixes this issue. For MailEnable Enterprise version 1.1 and earlier, update to a version that fixes this issue. As a temporary workaround, consider restricting access to the IMAP service or avoiding the use of the "Rename" command with non-existent mailboxes until a patch is available.

**Name of the Vulnerable Software and Affected Versions** EasyGuppy (Guppy for Windows) versions 4.5.4 through 4.5.5 **Description** The issue allows remote attackers to read arbitrary files due to a directory traversal vulnerability in the printfaq.php file. This is achieved by using ".." sequences in the `pg` parameter. The `pg` parameter is cleansed for XSS but not for directory traversal, making it vulnerable to such attacks. **Recommendations** For versions 4.5.4 and 4.5.5, consider restricting access to the printfaq.php file until a patch is available. As a temporary workaround, avoid using the `pg` parameter in the printfaq.php file to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Orion versions 1.3.8 through 1.4.5 **Description** A cross-site scripting issue allows remote attackers to inject arbitrary web script or HTML via the URL. This occurs because the URL is not properly quoted in the resulting 404 error page. **Recommendations** For Orion version 1.3.8, update to a version that fixes this issue. For Orion version 1.4.5, update to a version that fixes this issue. As a temporary workaround, consider restricting access to URLs that may trigger the 404 error page until a patch is available.

**Name of the Vulnerable Software and Affected Versions** CompaqHTTPServer version 2.1 **Description** A cross-site scripting issue allows remote attackers to inject arbitrary web script or HTML via the URL. This occurs because the URL is not properly quoted in the resulting 404 error page. **Recommendations** For CompaqHTTPServer version 2.1, consider disabling the generation of error pages or properly quoting URLs in error pages to prevent exploitation until a patch is available. Restrict access to the server to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Wyse Winterm 1125SE version 4.2.09f Wyse Winterm 1125SE version 4.4.061f **Description** The issue allows remote attackers to cause a denial of service, resulting in a device crash. This can be achieved by sending a packet with a zero in the IP option length field. **Recommendations** For Wyse Winterm 1125SE version 4.2.09f, update the firmware to a version that fixes this issue. For Wyse Winterm 1125SE version 4.4.061f, update the firmware to a version that fixes this issue. As a temporary workaround, consider implementing network traffic filtering to block malicious packets that could exploit this issue.