PT-2006-3321 · Ipswitch · Ipswitch Whatsup Professional Premium+1

David Maciejak

Published

2006-05-15

Updated

2017-07-20

CVE-2006-2357

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions Ipswitch WhatsUp Professional versions 2006 Ipswitch WhatsUp Professional Premium version 2006

Description The issue allows remote attackers to obtain source code for scripts. This is achieved by sending a request to the "NmConsole/Login.asp" endpoint with a trailing dot.

Recommendations For Ipswitch WhatsUp Professional version 2006, update to a version that fixes this issue. For Ipswitch WhatsUp Professional Premium version 2006, update to a version that fixes this issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2006-2357

Affected Products

Ipswitch Whatsup Professional

Ipswitch Whatsup Professional Premium

PT-2006-3321 · Ipswitch · Ipswitch Whatsup Professional Premium+1

CVE-2006-2357

Related Identifiers

Affected Products

References · 6