57 matches found
EUVD-2006-2531
Malware in sbrugna...
EUVD-2006-2356
Malware in sbrugna...
EUVD-2006-2354
Malware in sbrugna...
EUVD-2006-2358
Malware in sbrugna...
EUVD-2006-2353
Malware in sbrugna...
Ipswitch WhatsUp Professional Source Disclosure (CVE-2006-2357)
Ipswitch WhatsUp Professional 2006 and WhatsUp Professional 2006 Premium allows remote attackers to obtain source code for scripts via a trailing dot in a request to NmConsole/Login.asp...
Ipswitch WhatsUp Professional 2006 Authentication Bypass Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/18019/info Ipswitch WhatsUp Professional 2006 is susceptible to a remote authentication-bypass vulnerability. This issue allows remote attackers to gain administrative access to the web-based administrative interface of t...
Ipswitch WhatsUp Professional 2006 0 NmConsole/Navigation.asp sDeviceView Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/17964/info WhatsUp Professional is prone to multiple input-validation vulnerabilities. The issues include remote file-include, information-disclosure, source-code disclosure, cross-site scripting, and input-validation...
Ipswitch WhatsUp Professional 2005 SP1 LOGIN.ASP SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/14039/info WhatsUp Professional is prone to an SQL injection vulnerability affecting its Web-based front end. This issue is due to a failure in the application to properly sanitize user-supplied input to the 'login.asp'...
Ipswitch WhatsUp Professional 2006 Remote Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/16771/info Ipswitch WhatsUp Professional 2006 is susceptible to a remote denial-of-service vulnerability. This issue is due to the application's failure to properly handle certain HTTP GET requests. This issue allows remo...
Ipswitch WhatsUp Professional 2006 0 NmConsole/ToolResults.asp sHostname Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/17964/info WhatsUp Professional is prone to multiple input-validation vulnerabilities. The issues include remote file-include, information-disclosure, source-code disclosure, cross-site scripting, and input-validation...
Ipswitch WhatsUp Web Interface SQL Injection (CVE-2005-1250)
WhatsUp Professional 2005 is a network monitoring and resource management solution. WhatsUp Professional uses a relational database to store the information about user accounts and network devices that are monitored by the application. The relational databases supported by WhatsUp Professional ar...
Ipswitch WhatsUp Professional Multiple Vulnerabilities
The remote web server is affected by multiple flaws. Description : The remote host appears to be running Ipswitch WhatsUp Professional, which is used to monitor states of applications, services and hosts. The version of WhatsUp Professional installed on the remote host is prone to multiple issues...
Ipswitch WhatsUp Professional Authentication bypass detection
The remote web server is affected by an authentication bypass flaw. Description : The remote host is running Ipswitch WhatsUp Professional, which is used to monitor states of applications, services and hosts. The version of WhatsUp Professional installed on the remote host allows an attacker to...
Ipswitch WhatsUp Professional Multiple Vulnerabilities
Deprecated since it didn SPDX-FileCopyrightText: 2008 David Maciejak Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.80068";...
Ipswitch WhatsUp Professional Authentication bypass detection
The remote web server is affected by an authentication bypass flaw. SPDX-FileCopyrightText: 2008 David Maciejak Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Update Protection against Ipswitch WhatsUp Professional 2006 Multiple Vulnerabilities
WhatsUp is a tool from Ipswitch that monitors application and network. WhatsUp runs a custom web server for the application Web interface on port 8022. Multiple flaws have been identified in the server including XSS vulnerabilities, page redirection via cross site scripting and header spoofing...
Authentication flaw
Ipswitch WhatsUp Professional 2006 only verifies the user's identity via HTTP headers, which allows remote attackers to spoof being a trusted console and bypass authentication by setting HTTP User-Agent header to "Ipswitch/1.0" and the User-Application header to "NmConsole"...
Ipswitch WhatsUp Professional Crafted Header Authentication Bypass
The remote host is running Ipswitch WhatsUp Professional, which is used to monitor states of applications, services and hosts. The version of WhatsUp Professional installed on the remote host allows an attacker to bypass authentication with a specially crafted request. %NASLMINLEVEL 70300 C Tenab...
Ipswitch WhatsUp Professional 2006 - Authentication Bypass
Ipswitch WhatsUp Professional 2006 - Authentication Bypass source: https://www.securityfocus.com/bid/18019/info Ipswitch WhatsUp Professional 2006 is susceptible to a remote authentication-bypass vulnerability. This issue allows remote attackers to gain administrative access to the web-based...