Vulnerabilities > Barracuda Networks > Barracuda Spam Firewall > High

DATE CVE VULNERABILITY TITLE RISK
2007-05-09 CVE-2007-1673 Resource Management Errors vulnerability in multiple products
unzoo.c, as used in multiple products including AMaViS 2.4.1 and earlier, allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file.
7.8
2007-05-09 CVE-2007-1669 Remote Denial of Service vulnerability in Multiple Vendors Zoo Compression Algorithm
zoo decoder 2.10 (zoo-2.10), as used in multiple products including (1) Barracuda Spam Firewall 3.4 and later with virusdef before 2.0.6399, (2) Spam Firewall before 3.4 20070319 with virusdef before 2.0.6399o, and (3) AMaViS 2.4.1 and earlier, allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file.
network
low complexity
barracuda-networks amavis
7.8
2006-08-11 CVE-2006-4082 Local Security vulnerability in Barracuda Networks Barracuda Spam Firewall 3.3.03.053
Barracuda Spam Firewall (BSF), possibly 3.3.03.053, contains a hardcoded password for the admin account for logins from 127.0.0.1 (localhost), which allows local users to gain privileges.
local
low complexity
barracuda-networks
7.2
2006-08-11 CVE-2006-4081 Multiple vulnerability in Barracuda Networks Spam Firewall 3.3.01.001/3.3.03.053
preview_email.cgi in Barracuda Spam Firewall (BSF) 3.3.01.001 through 3.3.03.053 allows remote attackers to execute commands via shell metacharacters ("|" pipe symbol) in the file parameter.
network
low complexity
barracuda-networks
7.5
2006-08-05 CVE-2006-4001 Multiple vulnerability in Barracuda Networks Spam Firewall 3.3.01.001/3.3.03.053/3.3.03.055
Login.pm in Barracuda Spam Firewall (BSF) 3.3.01.001 through 3.3.03.053 contains a hard-coded password for the guest account, which allows remote attackers to read sensitive information such as e-mail logs, and possibly e-mail contents and the admin password.
network
low complexity
barracuda-networks
7.5
2005-09-08 CVE-2005-2847 Remote Command Execution vulnerability in Barracuda Networks Barracuda Spam Firewall 3.1.16/3.1.17
img.pl in Barracuda Spam Firewall running firmware 3.1.16 and 3.1.17 allows remote attackers to execute arbitrary commands via shell metacharacters in the f parameter.
network
low complexity
barracuda-networks
7.5
2005-05-02 CVE-2005-0431 Remote Security vulnerability in Barracuda Networks Barracuda Spam Firewall 3.1.10
Barracuda Spam Firewall 3.1.10 and earlier does not restrict the domains that white-listed domains can send mail to, which allows members of white-listed domains to use Barracuda as an open mail relay for spam.
network
low complexity
barracuda-networks
7.5