Ipswitch WhatsUp Professional 2006 - Authentication Bypass Vulnerability



source: http://www.securityfocus.com/bid/18019/info


Ipswitch WhatsUp Professional 2006 is susceptible to a remote authentication-bypass vulnerability.

This issue allows remote attackers to gain administrative access to the web-based administrative interface of the application. This will aid them in further network attacks.

The HTTP requests containing the following header information are sufficient to demonstrate this issue:

User-Agent: Ipswitch/1.0
User-Application: NmConsole