Barracuda Spam Firewall@3.3.03.053 Security Vulnerabilities and Issues — Barracuda Spam Firewall@3.3.03.053 CVE List

Lucene search

Barracuda NetworksBarracuda Spam Firewall3.3.03.053

5 matches found

CVE•added 2008/05/23 3:32 p.m.•47 views

CVE-2008-2333

Cross-site scripting (XSS) vulnerability in ldap_test.cgi in Barracuda Spam Firewall (BSF) before 3.5.11.025 allows remote attackers to inject arbitrary web script or HTML via the email parameter.

4.3CVSS5.6AI score0.008EPSS

CVE•added 2006/08/05 1:4 a.m.•38 views

CVE-2006-4000

Directory traversal vulnerability in cgi-bin/preview_email.cgi in Barracuda Spam Firewall (BSF) 3.3.01.001 through 3.3.03.053 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the file parameter.

4CVSS6.2AI score0.04009EPSS

CVE•added 2006/08/05 1:4 a.m.•37 views

CVE-2006-4001

Login.pm in Barracuda Spam Firewall (BSF) 3.3.01.001 through 3.3.03.053 contains a hard-coded password for the guest account, which allows remote attackers to read sensitive information such as e-mail logs, and possibly e-mail contents and the admin password.

7.5CVSS6.5AI score0.01155EPSS

CVE•added 2006/08/11 10:4 a.m.•37 views

CVE-2006-4081

preview_email.cgi in Barracuda Spam Firewall (BSF) 3.3.01.001 through 3.3.03.053 allows remote attackers to execute commands via shell metacharacters ("|" pipe symbol) in the file parameter. NOTE: the attack can be extended to arbitrary commands by the presence of CVE-2006-4000.

7.5CVSS7.3AI score0.10092EPSS

CVE•added 2006/08/11 10:4 a.m.•37 views

CVE-2006-4082

Barracuda Spam Firewall (BSF), possibly 3.3.03.053, contains a hardcoded password for the admin account for logins from 127.0.0.1 (localhost), which allows local users to gain privileges.

7.2CVSS6.8AI score0.00079EPSS