Barracuda Spam Firewall web-ui Multiple CGI Unauthenticated Access

ID OSVDB:19714
Type osvdb
Reporter Adam Pointon(
Modified 2005-03-14T01:21:38


Solution Description

Upgrade to version 3.1.12 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Manual Testing Notes

/cgi-bin/mail_queue.cgi /cgi-bin/mark.cgi /cgi-bin/preview_email.cgi /cgi-bin/show_queues.cgi /cgi-bin/request_web.cgi /cgi-bin/request_support.cgi /cgi-bin/show_quar_queues.cgi /cgi-bin/show_sync_queue.cgi /cgi-bin/stats.cgi


Vendor URL: Vendor Specific Advisory URL Related OSVDB ID: 19713 Other Advisory URL: