7 matches found
Information disclosure
NmConsole/Login.asp in Ipswitch WhatsUp Professional 2006 and Ipswitch WhatsUp Professional 2006 Premium generates different error messages in a way that allows remote attackers to enumerate valid usernames. NOTE: the provenance of this information is unknown; the details are obtained solely from...
Design/Logic Flaw
Ipswitch WhatsUp Professional 2006 and WhatsUp Professional 2006 Premium allows remote attackers to obtain source code for scripts via a trailing dot in a request to NmConsole/Login.asp...
CVE-2006-2352
Multiple cross-site scripting XSS vulnerabilities in IPswitch WhatsUp Professional 2006 and WhatsUp Professional 2006 Premium allow remote attackers to inject arbitrary web script or HTML via unknown vectors in 1 NmConsole/Tools.asp and 2 NmConsole/DeviceSelection.asp. NOTE: the provenance of thi...
Design/Logic Flaw
NmService.exe in Ipswitch WhatsUp Professional 2006 allows remote attackers to cause a denial of service CPU consumption via crafted requests to Login.asp, possibly involving the 1 "In" and 2 "b;tnLogIn" parameters, or 3 malformed btnLogIn parameters, possibly involving missing "" open bracket or...
CVE-2006-0911
CVE-2006-0911 affects Ipswitch WhatsUp Professional 2006. The vulnerable component is NmService.exe handling requests to Login.asp. The underlying issue is triggered by crafted requests that use the parameters (1) "In]" and (2) "b;tnLogIn", or (3) malformed btnLogIn, potentially involving missing...
CVE-2006-0911
NmService.exe in Ipswitch WhatsUp Professional 2006 allows remote attackers to cause a denial of service CPU consumption via crafted requests to Login.asp, possibly involving the 1 "In" and 2 "b;tnLogIn" parameters, or 3 malformed btnLogIn parameters, possibly involving missing "" open bracket or...
Ipswitch WhatsUp Professional 2006 - Remote Denial of Service
source: https://www.securityfocus.com/bid/16771/info Ipswitch WhatsUp Professional 2006 is susceptible to a remote denial-of-service vulnerability. This issue is due to the application's failure to properly handle certain HTTP GET requests. This issue allows remote attackers to consume excessive...