CVE-2004-0799

Name of the Vulnerable Software and Affected Versions Ipswitch WhatsUp Gold versions 8.03 through 8.03 Hotfix 1

Description The issue allows remote attackers to cause a denial of service, resulting in a server crash, via a GET request containing an MS-DOS device name. This can be demonstrated using a request for "prn.htm".

Recommendations For Ipswitch WhatsUp Gold versions 8.03 through 8.03 Hotfix 1, consider restricting access to the HTTP daemon to minimize the risk of exploitation until a patch is available. As a temporary workaround, avoid using MS-DOS device names in GET requests to prevent server crashes.