VID: 29120
Severity: 40
Port: 8000, ...
Protocol: TCP
Class: Firewall

Detailed Description:
The relevant host appears to be a Barracuda Spam Firewall appliance, which has multiple vulnerabilities. Barracuda Spam Firewall is a spam and anti-virus firewall appliance intended to provide complete protection for e-mail servers. Barracuda Spam Firewall versions 3.1.16 and 3.1.17 are affected by multiple vulnerabilities that allow execution of arbitrary code and reading of arbitrary files in the security context of the Web server process, as follows:

1) By sending a specially crafted URL to the /cgi-bin/img.pl script containing '../' directory-traversal sequences in the f parameter, a remote attacker could read arbitrary files outside the web root directory or execute arbitrary commands on the affected system.

2) By sending a specially crafted request to the /cgi-bin/dig_device.cgi file using various flag options, a remote attacker could view source code files, determine whether files exist, or overwrite arbitrary files in the /cgi-bin directory.

* References:
  http://www.securitytracker.com/alerts/2005/Sep/1014837.html
  http://securiweb.net/wiki/Ressources/AvisDeSecurite/2005.1
* Platforms Affected:
  Barracuda Networks, Barracuda Spam Firewall 3.1.16
  Barracuda Networks, Barracuda Spam Firewall 3.1.17

Recommendation:
Upgrade to the latest firmware for Barracuda Spam Firewall (3.1.18 or later), available from the Barracuda Networks Web site at http://www.barracudanetworks.com/products/

Related URL: CVE-2005-2847, CVE-2005-2848 (CVE)
Related URL: 14710, 14712 (SecurityFocus)
Related URL: 22119, 22120, 22121 (ISS)