Lucene search
Copyright (C) 2004 Michel ArboiOPENVAS:136141256231015564HistoryNov 03, 2005 - 12:00 a.m.
Whatsup Gold vulnerable CGI
2005-11-0300:00:00
Copyright (C) 2004 Michel Arboi
plugins.openvas.org
10
6.5 Medium
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.931 High
EPSS
Percentile
99.1%
The
# SPDX-FileCopyrightText: 2004 Michel Arboi
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.15564");
script_version("2023-08-01T13:29:10+0000");
script_tag(name:"last_modification", value:"2023-08-01 13:29:10 +0000 (Tue, 01 Aug 2023)");
script_tag(name:"creation_date", value:"2005-11-03 14:08:04 +0100 (Thu, 03 Nov 2005)");
script_cve_id("CVE-2004-0798");
script_tag(name:"cvss_base", value:"7.5");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_name("Whatsup Gold vulnerable CGI");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2004 Michel Arboi");
script_family("Web application abuses");
script_dependencies("find_service.nasl", "httpver.nasl", "global_settings.nasl");
script_require_ports("Services/www", 80);
script_exclude_keys("Settings/disable_cgi_scanning");
script_xref(name:"URL", value:"http://www.idefense.com/application/poi/display?id=142&type=vulnerabilities");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/11043");
script_xref(name:"URL", value:"http://www.packetstormsecurity.org/0408-advisories/08.25.04.txt");
script_tag(name:"solution", value:"Upgrade to Whatsup Gold 8.03 HF 1 or later.");
script_tag(name:"summary", value:"The '_maincfgret' cgi is installed.
Some versions were vulnerable to a buffer overflow.");
script_tag(name:"qod_type", value:"remote_banner_unreliable");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
include("http_func.inc");
include("http_keepalive.inc");
include("port_service_func.inc");
include("list_array_func.inc");
port = http_get_port(default:80);
foreach url(make_list("/_maincfgret.cgi", "_maincfgret.cgi")) {
if(http_is_cgi_installed_ka(item:url, port:port)) {
report = http_report_vuln_url(port:port, url:url);
security_message(port:port, data:report);
exit(0);
}
}
exit(99);
Related
checkpoint_advisories
checkpoint_advisories
Ipswitch WhatsUp Gold Web Server Buffer Overflow (CVE-2004-0798)
2010-02-14 00:00:00
nvd
nvd
CVE-2004-0798
2004-10-20 04:00:00
openvas
openvas
Whatsup Gold vulnerable CGI
2005-11-03 00:00:00
saint
saint
WhatsUp Gold _maincfgret.cgi instancename buffer overflow
2006-09-08 00:00:00
WhatsUp Gold _maincfgret.cgi instancename buffer overflow
2006-09-08 00:00:00
WhatsUp Gold _maincfgret.cgi instancename buffer overflow
2006-09-08 00:00:00
nessus
nessus
Ipswitch WhatsUp Gold _maincfgret.cgi Remote Overflow
2004-10-25 00:00:00
cve
cve
CVE-2004-0798
2004-10-20 04:00:00
packetstorm
packetstorm
Ipswitch WhatsUp Gold 8.03 Buffer Overflow
2009-11-26 00:00:00
securityvulns
securityvulns
cvelist
cvelist
CVE-2004-0798
2004-08-27 04:00:00
kaspersky
kaspersky
KLA10226 Multiple vulnerabilities in WahtsUp Gold
2004-10-20 00:00:00
6.5 Medium
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.931 High
EPSS
Percentile
99.1%
Related for OPENVAS:136141256231015564