2 matches found
CVE-2006-4081
previewemail.cgi in Barracuda Spam Firewall BSF 3.3.01.001 through 3.3.03.053 allows remote attackers to execute commands via shell metacharacters "|" pipe symbol in the file parameter. NOTE: the attack can be extended to arbitrary commands by the presence of CVE-2006-4000...
CVE-2006-4000
CVE-2006-4000 affects Barracuda Spam Firewall (BSF) 3.3.01.001–3.3.03.053. The vulnerability is a directory traversal in cgi-bin/preview_email.cgi that allows remote authenticated users to read arbitrary files by supplying a ".." in the file parameter. Related entry CVE-2006-4081 notes that BSF 3...