Vulnerabilities > CVE-2005-2849 - Unspecified vulnerability in Barracuda Networks Barracuda Spam Firewall 3.1.16/3.1.17
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Argument injection vulnerability in Barracuda Spam Firewall running firmware 3.1.16 and 3.1.17 allows remote attackers to (1) read portions of source code via the -f option to Dig (dig_device.cgi), (2) determine file existence via the -r argument to Tcpdump (tcpdump_device.cgi) or (3) modify files in the cgi-bin directory via the -w argument to Tcpdump.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Hardware | 2 |
References
- http://marc.info/?l=bugtraq&m=112560044813390&w=2
- http://marc.info/?l=bugtraq&m=112560044813390&w=2
- http://secunia.com/advisories/16683/
- http://secunia.com/advisories/16683/
- http://securiweb.net/wiki/Ressources/AvisDeSecurite/2005.1
- http://securiweb.net/wiki/Ressources/AvisDeSecurite/2005.1
- http://www.securitytracker.com/alerts/2005/Sep/1014837.html
- http://www.securitytracker.com/alerts/2005/Sep/1014837.html