Approved changes feed: RSS · Atom
cpe:2.3:a:ipswitch:whatsup:professional_2006:*:*:*:*:*:*:*
part: a version: professional_2006 update: *
| Vendor | Ipswitch (f980cf58-ade3-5008-97dc-5202aeb62886) |
|---|---|
| Product | Whatsup (0700ee96-23e2-5efc-bdfd-00f6a375fbdc) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2006-2531 |
vulnerable | 2026-06-03 14:27:32.567068 |
Details available
Ipswitch WhatsUp Professional 2006 only verifies the user's identity via HTTP headers, which allows remote attackers to spoof being a trusted console and bypass authentication by setting HTTP User-Agent header to "Ipswitch/1.0" and the User-Application header to "NmConsole".
Published: 2006-05-22T23:00:00.000Z
Updated: 2024-08-07T17:51:04.633Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2006-0911 |
vulnerable | 2026-06-03 14:27:22.883819 |
Details available
NmService.exe in Ipswitch WhatsUp Professional 2006 allows remote attackers to cause a denial of service (CPU consumption) via crafted requests to Login.asp, possibly involving the (1) "In]" and (2) "b;tnLogIn" parameters, or (3) malformed btnLogIn parameters, possibly involving missing "[" (open bracket) or "[" (closing bracket) characters, as demonstrated by "&btnLogIn=[Log&In]=&" or "&b;tnLogIn=[Log&In]=&" in the URL. NOTE: due to the lack of diagnosis by the original researcher, the precise nature of the vulnerability is unclear.
Published: 2006-02-28T11:00:00.000Z
Updated: 2024-08-07T16:48:56.993Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.