CVE-2006-0911

Ipswitch WhatsUp Professional 2006 - Denial of Service via Crafted Login.asp Requests

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2006-0911. PoCs published by Josh Zlatin-Amishav.

AI-analyzed exploit summary The exploit demonstrates a denial-of-service vulnerability in Ipswitch WhatsUp Professional 2006 by sending malformed HTTP GET requests to the Login.asp page, causing excessive CPU consumption. The provided script automates the attack using a loop with wget.

Description

NmService.exe in Ipswitch WhatsUp Professional 2006 allows remote attackers to cause a denial of service (CPU consumption) via crafted requests to Login.asp, possibly involving the (1) "In]" and (2) "b;tnLogIn" parameters, or (3) malformed btnLogIn parameters, possibly involving missing "[" (open bracket) or "[" (closing bracket) characters, as demonstrated by "&btnLogIn=[Log&In]=&" or "&b;tnLogIn=[Log&In]=&" in the URL. NOTE: due to the lack of diagnosis by the original researcher, the precise nature of the vulnerability is unclear.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Josh Zlatin-Amishav · textdosasp

https://www.exploit-db.com/exploits/27258

View Code ZIP pw:eip

The exploit demonstrates a denial-of-service vulnerability in Ipswitch WhatsUp Professional 2006 by sending malformed HTTP GET requests to the Login.asp page, causing excessive CPU consumption. The provided script automates the attack using a loop with wget.

Classification

Working Poc 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: Ipswitch WhatsUp Professional 2006

No auth needed

Prerequisites: Network access to the target server · Target running Ipswitch WhatsUp Professional 2006

MITRE ATT&CK