Vulnerability Note VU#777007

Ipswitch WhatsUp Gold 15.02 contains SQL injection and XSS vulnerabilities

Original Release date: 04 Sep 2012 | Last revised: 04 Sep 2012

Overview

Ipswitch WhatsUp Gold 15.02 has been reported to contain blind SQL injection and cross-site scripting vulnerabilities.

Description

Ipswitch WhatsUp Gold 15.02 has been reported to contain blind SQL injection and cross-site scripting vulnerabilities.

CWE-79 - CVE-2012-2601 - Blind SQL Injection
A blind SQL injection attack may be performed against the WrVMwareHostList.asp file.

Proof of Concept:
WrVMwareHostList.asp?sGroupList=1;WAITFOR DELAY '0:0:10'--&sDeviceList=3

CWE-89 - CVE-2012-2589 - Cross-site scripting
The snmpd.conf file may be maliciously modified to execute arbitrary Javascript.

Proof of Concept:
sysName <script>alert(124)</script>pt>>

Impact

An attacker may be able to execute arbitrary SQL commands and script.

Solution

Apply an Update

WhatsUp Gold 15.03 has been released to address these vulnerabilities.

Vendor Information (Learn More)

VendorStatusDate NotifiedDate Updated
Ipswitch, IncAffected25 Jun 201204 Sep 2012
If you are a vendor and your product is affected, let us know.

CVSS Metrics (Learn More)

Group Score Vector
Base 8.7 AV:N/AC:L/Au:S/C:C/I:C/A:P
Temporal 6.8 E:POC/RL:OF/RC:C
Environmental 6.8 CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND

References

Credit

Thanks to Devon Kearns of Offensive Security for reporting this vulnerability.

This document was written by Jared Allar.

Other Information

  • CVE IDs: CVE-2012-2601 CVE-2012-2589
  • Date Public: 22 Jul 2012
  • Date First Published: 04 Sep 2012
  • Date Last Updated: 04 Sep 2012
  • Document Revision: 16

Feedback

If you have feedback, comments, or additional information about this vulnerability, please send us email.