Yes. This one was addressed in Hot Fix 2. Cheers!
pete.;1 -)-------------- Peter H. Jenney Product Management Ipswitch 10 Maguire Rd. Lexington, MA 02421 http://www.ipswitch.com Direct: +1 (781) 676.5755 Mobile: +1 (603) 264.3961 [EMAIL PROTECTED] -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Auger, Jay (IS) Sent: Tuesday, October 12, 2004 9:26 AM To: [EMAIL PROTECTED] Subject: [WhatsUp Forum] Exploit Code Has anyone run into this yet? Does the latest hotfix correct this? ******************** Exploit Code ******************** (8) Ipswitch WhatsUp Gold Buffer Overflow An exploit has been published to leverage the buffer overflow vulnerability in the Ipswitch Whatsup Gold product. The exploit works on Windows 2000/XP systems and spawns a command shell on port 28876. Council Site Updates: Only one council site provided an update - they have already patched their systems. References: Exploit Code http://www.securityfocus.com/archive/1/377443/2004-09-27/2004-10-03/0 Previous @RISK Newsletter Posting http://www.sans.org/newsletters/risk/vol3_34.php (Item #6) Jay Please visit http://www.ipswitch.com/support/mailing-lists.html to be removed from this list. An Archive of this list is available at: http://www.mail-archive.com/whatsup_forum%40list.ipswitch.com/
<<attachment: winmail.dat>>
