Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (C) 2004 Michel ArboiOPENVAS:136141256231015564
HistoryNov 03, 2005 - 12:00 a.m.

Whatsup Gold vulnerable CGI

2005-11-0300:00:00
Copyright (C) 2004 Michel Arboi
plugins.openvas.org
11

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6.5 Medium

AI Score

Confidence

Low

0.931 High

EPSS

Percentile

99.1%

JSON

The

# SPDX-FileCopyrightText: 2004 Michel Arboi
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.15564");
  script_version("2023-08-01T13:29:10+0000");
  script_tag(name:"last_modification", value:"2023-08-01 13:29:10 +0000 (Tue, 01 Aug 2023)");
  script_tag(name:"creation_date", value:"2005-11-03 14:08:04 +0100 (Thu, 03 Nov 2005)");
  script_cve_id("CVE-2004-0798");
  script_tag(name:"cvss_base", value:"7.5");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_name("Whatsup Gold vulnerable CGI");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2004 Michel Arboi");
  script_family("Web application abuses");
  script_dependencies("find_service.nasl", "httpver.nasl", "global_settings.nasl");
  script_require_ports("Services/www", 80);
  script_exclude_keys("Settings/disable_cgi_scanning");

  script_xref(name:"URL", value:"http://www.idefense.com/application/poi/display?id=142&type=vulnerabilities");
  script_xref(name:"URL", value:"http://www.securityfocus.com/bid/11043");
  script_xref(name:"URL", value:"http://www.packetstormsecurity.org/0408-advisories/08.25.04.txt");

  script_tag(name:"solution", value:"Upgrade to Whatsup Gold 8.03 HF 1 or later.");

  script_tag(name:"summary", value:"The '_maincfgret' cgi is installed.

  Some versions were vulnerable to a buffer overflow.");

  script_tag(name:"qod_type", value:"remote_banner_unreliable");
  script_tag(name:"solution_type", value:"VendorFix");

  exit(0);
}

include("http_func.inc");
include("http_keepalive.inc");
include("port_service_func.inc");
include("list_array_func.inc");

port = http_get_port(default:80);

foreach url(make_list("/_maincfgret.cgi", "_maincfgret.cgi")) {
  if(http_is_cgi_installed_ka(item:url, port:port)) {
    report = http_report_vuln_url(port:port, url:url);
    security_message(port:port, data:report);
    exit(0);
  }
}

exit(99);

Related

saint 4
openvas 1
cve 1
nessus 1
checkpoint_advisories 1
nvd 1
packetstorm 1
securityvulns 1
cvelist 1
kaspersky 1
saint
saint
WhatsUp Gold _maincfgret.cgi instancename buffer overflow
2006-09-08 00:00:00
WhatsUp Gold _maincfgret.cgi instancename buffer overflow
2006-09-08 00:00:00
WhatsUp Gold _maincfgret.cgi instancename buffer overflow
2006-09-08 00:00:00
openvas
openvas
Whatsup Gold vulnerable CGI
2005-11-03 00:00:00
cve
cve
CVE-2004-0798
2004-10-20 04:00:00
nessus
nessus
Ipswitch WhatsUp Gold _maincfgret.cgi Remote Overflow
2004-10-25 00:00:00
checkpoint_advisories
checkpoint_advisories
Ipswitch WhatsUp Gold Web Server Buffer Overflow (CVE-2004-0798)
2010-02-14 00:00:00
nvd
nvd
CVE-2004-0798
2004-10-20 04:00:00
packetstorm
packetstorm
Ipswitch WhatsUp Gold 8.03 Buffer Overflow
2009-11-26 00:00:00
securityvulns
securityvulns
[Full-Disclosure] iDEFENSE Security Advisory 08.25.04: Ipswitch WhatsUp Gold Remote Buffer Overflow Vulnerability
2004-08-30 00:00:00
cvelist
cvelist
CVE-2004-0798
2004-08-27 04:00:00
kaspersky
kaspersky
KLA10226 Multiple vulnerabilities in WahtsUp Gold
2004-10-20 00:00:00

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6.5 Medium

AI Score

Confidence

Low

0.931 High

EPSS

Percentile

99.1%

JSON
Related for OPENVAS:136141256231015564
saint4openvas1cve1nessus1checkpoint_advisories1nvd1packetstorm1securityvulns1cvelist1kaspersky1