Vulnerabilities > CVE-2005-2848 - Unspecified vulnerability in Barracuda Networks Barracuda Spam Firewall 3.1.16/3.1.17
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Directory traversal vulnerability in img.pl in Barracuda Spam Firewall running firmware 3.1.16 and 3.1.17 allows remote attackers to read arbitrary files via a .. (dot dot) in the f parameter.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Hardware | 2 |
Exploit-Db
description | Barracuda Spam Firewall < 3.1.18 Command Execution Exploit (meta). CVE-2005-2847,CVE-2005-2848. Webapps exploit for cgi platform |
id | EDB-ID:1236 |
last seen | 2016-01-31 |
modified | 2005-09-27 |
published | 2005-09-27 |
reporter | Nicolas Gregoire |
source | https://www.exploit-db.com/download/1236/ |
title | Barracuda Spam Firewall < 3.1.18 Command Execution Exploit meta |
Nessus
NASL family | CGI abuses |
NASL id | BARRACUDA_SPAM_FIREWALL_3118.NASL |
description | The remote host appears to be a Barracuda Spam Firewall network appliance, which protects mail servers from spam, viruses, and the like. Further, it appears that the installed appliance suffers from several vulnerabilities that allow for execution of arbitrary code and reading of arbitrary files, all subject to the permissions of the web server user id. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 19556 |
published | 2005-09-01 |
reporter | This script is Copyright (C) 2005-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/19556 |
title | Barracuda Spam Firewall < 3.1.18 Multiple Vulnerabilities |
code |
|
References
- http://marc.info/?l=bugtraq&m=112560044813390&w=2
- http://marc.info/?l=bugtraq&m=112560044813390&w=2
- http://secunia.com/advisories/16683/
- http://secunia.com/advisories/16683/
- http://securiweb.net/wiki/Ressources/AvisDeSecurite/2005.1
- http://securiweb.net/wiki/Ressources/AvisDeSecurite/2005.1
- http://www.securityfocus.com/bid/14710
- http://www.securityfocus.com/bid/14710
- http://www.securitytracker.com/alerts/2005/Sep/1014837.html
- http://www.securitytracker.com/alerts/2005/Sep/1014837.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/22120
- https://exchange.xforce.ibmcloud.com/vulnerabilities/22120