19 matches found
Barracuda Spam & Virus Firewall 安全漏洞
Barracuda Spam & Virus Firewall is an email security gateway from Barracuda USA. A security vulnerability exists in Barracuda Spam & Virus Firewall, SSL VPN, and Web Application Firewall versions prior to 2010.10, which stems from a path traversal in the viewhelp.cgi endpoint that could lead to...
Barracuda Multiple Product Locale Directory Traversal
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Barracuda Multiple Product "locale" Directory Traversal', 'Description' = %q This module exploits a directory traversal vulnerability present in...
Barracuda Networks Spam and Virus Firewall Remote Command Injection Vulnerability
Barracuda Networks Spam & Virus Firewall is a virus and spam firewall product from Barracuda Networks. The product features virus filtering and inbound/outbound filtering. A remote command injection vulnerability exists in Barracuda Networks Spam and Virus Firewall versions 5.1.3 006,l 5.1.3 and...
Barracuda Spam Virus Firewall 5.1.3.007 - Remote Command Execution (Metasploit)
Barracuda Spam Virus Firewall 5.1.3.007 - Remote Command Execution Metasploit Exploit Title: Barracuda Spam & Virus Firewall Post Auth Remote Root Exploit Date: 07/21/16 Exploit Author: xort [email protected] Vendor Homepage: https://www.barracuda.com/ Software Link:...
Barracuda Spam & Virus Firewall 5.1.3.007 - Remote Command Execution (Metasploit)
Exploit for linux platform in category remote exploits Exploit Title: Barracuda Spam & Virus Firewall Post Auth Remote Root Exploit Date: 07/21/16 Exploit Author: xort email protected Vendor Homepage: https://www.barracuda.com/ Software Link: https://www.barracuda.com/landing/pages/spamfirewall/...
Barracuda Spam and Virus Firewall RCE Vulnerability
Barracuda Spam & Virus Firewall is prone to a remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Barracuda Spam & Virus Firewall 5.1.3.007 - Remote Command Execution (Metasploit)
Exploit Title: Barracuda Spam & Virus Firewall Post Auth Remote Root Exploit Date: 07/21/16 Exploit Author: xort [email protected] Vendor Homepage: https://www.barracuda.com/ Software Link: https://www.barracuda.com/landing/pages/spamfirewall/ Version: Spam and Virus Firewall 'Barracuda Spam...
Barracuda Spam And Virus Firewall 5.1.3.007 Remote Root
Exploit Title: Barracuda Spam & Virus Firewall Post Auth Remote Root Exploit Date: 07/21/16 Exploit Author: xort [email protected] Vendor Homepage: https://www.barracuda.com/ Software Link: https://www.barracuda.com/landing/pages/spamfirewall/ Version: Spam and Virus Firewall 'Barracuda Spam...
Barracuda Networks Firewall / Web Firewall / Spam&Virus Firewall security vulnerabilities
XSS, restrictions bypass...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Barracuda Spam & Virus Firewall 600 Firmware 4.0.1.009 and earlier allow remote authenticated users to inject arbitrary web script or HTML via 1 Troubleshooting in the Trace route Device module or 2 LDAP Username in the LDAP Configuration modul...
CVE-2012-5316
Multiple cross-site scripting XSS vulnerabilities in Barracuda Spam & Virus Firewall 600 Firmware 4.0.1.009 and earlier allow remote authenticated users to inject arbitrary web script or HTML via 1 Troubleshooting in the Trace route Device module or 2 LDAP Username in the LDAP Configuration modul...
CVE-2012-5316
CVE-2012-5316 affects Barracuda Spam & Virus Firewall 600 firmware up to 4.0.1.009. The issue is cross-site scripting (XSS) in two components: (1) Troubleshooting → Trace route Device module and (2) LDAP Configuration → LDAP Username. Triggered by authenticated remote users, it allows injection o...
Barracuda Spam/Virus WAF 600 - Multiple Vulnerabilities
Document Title: =============== Barracuda Spam/Virus WAF 600 - Multiple Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=28 Release Date: ============= 2012-01-18 Vulnerability Laboratory ID VL-ID: ==================================== 28...
http-barracuda-dir-traversal NSE Script
Attempts to retrieve the configuration settings from a Barracuda Networks Spam & Virus Firewall device using the directory traversal vulnerability described at . This vulnerability is in the "locale" parameter of "/cgi-mod/viewhelp.cgi" or "/cgi-bin/viewhelp.cgi", allowing the information to be...
Barracuda Networks Multiple Products 'view_help.cgi' Directory Traversal Vulnerability
Multiple Barracuda Networks products are prone to a directory- traversal vulnerability because it fails to sufficiently sanitize user- supplied input. A remote attacker can exploit this vulnerability using directory- traversal characters '../' to access files that contain sensitive information th...
Barracuda Spam & Virus Firewall Detection (HTTP)
Detection of Barracuda Spam & Virus Firewall The script sends a connection request to the server and attempts to detect the presence of Barracuda Spam & Virus Firewall and to extract its version SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced...
Barracuda Spam & Virus Firewall Console Management Detection
The remote host appears to be a Barracuda Spam & Virus Firewall. It allows connections to its web console management application. Letting attackers know the type of firewall in use may help them focus their attacks against the networks it protects. C Tenable Network Security, Inc...
Barracuda Networks Spam & Virus Firewall <= 4.1.1.021 Configuration
Exploit for cgi platform in category remote exploits =================================================================== Barracuda Networks Spam & Virus Firewall " echo "" exit; fi; curl http://$1:8000/cgi-mod/viewhelp.cgi?locale=/../../../../../../../mail/snapshot/config.snapshot%00 $1.config ls...
Barracuda Networks Spam & Virus Firewall 4.1.1.021 - Remote Configuration Retrieval
!/bin/bash Exploit by ShadowHatesYou [email protected] The resulting output is an SQL dump containing the Barracuda's configuration, which includes goodies such as: The administrative password for the BSFsystempassword MTA LDAP passwordsmtaldapadvancedpassword Password for each configured...