Vulnerabilities > Barracuda Networks > Barracuda Spam Firewall > 3.1.17
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2008-05-23 | CVE-2008-2333 | Cross-Site Scripting vulnerability in Barracuda Networks Barracuda Spam Firewall Cross-site scripting (XSS) vulnerability in ldap_test.cgi in Barracuda Spam Firewall (BSF) before 3.5.11.025 allows remote attackers to inject arbitrary web script or HTML via the email parameter. | 4.3 |
2007-05-09 | CVE-2007-1669 | Remote Denial of Service vulnerability in Multiple Vendors Zoo Compression Algorithm zoo decoder 2.10 (zoo-2.10), as used in multiple products including (1) Barracuda Spam Firewall 3.4 and later with virusdef before 2.0.6399, (2) Spam Firewall before 3.4 20070319 with virusdef before 2.0.6399o, and (3) AMaViS 2.4.1 and earlier, allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file. | 7.8 |
2005-09-08 | CVE-2005-2849 | Remote Security vulnerability in Barracuda Networks Barracuda Spam Firewall 3.1.16/3.1.17 Argument injection vulnerability in Barracuda Spam Firewall running firmware 3.1.16 and 3.1.17 allows remote attackers to (1) read portions of source code via the -f option to Dig (dig_device.cgi), (2) determine file existence via the -r argument to Tcpdump (tcpdump_device.cgi) or (3) modify files in the cgi-bin directory via the -w argument to Tcpdump. | 6.4 |
2005-09-08 | CVE-2005-2848 | Remote Directory Traversal vulnerability in Barracuda Networks Barracuda Spam Firewall 3.1.16/3.1.17 Directory traversal vulnerability in img.pl in Barracuda Spam Firewall running firmware 3.1.16 and 3.1.17 allows remote attackers to read arbitrary files via a .. | 5.0 |
2005-09-08 | CVE-2005-2847 | Remote Command Execution vulnerability in Barracuda Networks Barracuda Spam Firewall 3.1.16/3.1.17 img.pl in Barracuda Spam Firewall running firmware 3.1.16 and 3.1.17 allows remote attackers to execute arbitrary commands via shell metacharacters in the f parameter. | 7.5 |