======================================
Barracuda IMFirewall 620 Vulnerability
======================================
PenTest Information:
====================
GESEC Team discovered multiple Input Validation Vulnerabilities on the Barracuda IM Firewall.
A remote attacker is able to obtain sensitive customer sessions (client-side) or can implant malicious script
routines and code (server-side).
Details
=======
Tested on OS: Windows 7
Tested with Software: Mozilla Firefox 3.5.x (Portable|Mod) & HTTPsniff
Vulnerable Products: Barracuda IM Firewall 620
Affected Versions: Model 620 Firmware v4.0.01.003
Vulnerability Type: Input Validation Vulnerability (Server-Side|Persistent)
Vendor-URL: http://barracuda.com/
Advisory-Status: Published | 07.12.2009
Advisory-URL: http://censored ...
Report-URL: http://censored ...
Introduction
============
Barracuda Networks - Worldwide leader in email and Web security.
The Barracuda Web Application Firewall is a complete and powerful security solution for Web applications and Web sites.
The Barracuda Web Application Firewall provides award-winning protection against hackers leveraging protocol or application
vulnerabilities to instigate data theft, denial of service or defacement of your Web site. The Barracuda Web Application
Firewall protects Web applications and Web services from malicious attacks, and can also increase the performance and scalability of
these applications. The Barracuda Web Application Firewall offers every capability needed to deliver, secure and
manage enterprise Web applications from a single appliance through an intuitive, real-time user interface.
* Single point of protection for inbound and outbound traffic for all Web applications
* Protects Web sites and Web applications against application layer attacks
* Delivers best practices security right out of the box
* Monitors traffic and provides reports about attackers and attack attempts
The Barracuda IM Firewall is the first product to provide everything an organization needs to control and manage internal
and external instant messaging (IM) traffic. It combines an integrated IM server and gateway solution that is powerful,
easy to use and affordable for businesses of all sizes. Installing in minutes, it can easily and completely identify and
manage both internal and public IM traffic within your organization. Using the Barracuda IM Firewall, your organization
can eliminate the security, virus, or compliance risks of instant messaging while harnessing the communications and productivity
benefits for which IM has become an indispensable asset.
(Copied from the vendor's homepage: http://www.barracudanetworks.com/ns/products/im_overview.php)
# 0day.today [2018-02-18] #