Barracuda Networks » Barracuda Spam Firewall : Security Vulnerabilities, CVEs, Published In 2006

CVE-2006-4082

Barracuda Spam Firewall (BSF), possibly 3.3.03.053, contains a hardcoded password for the admin account for logins from 127.0.0.1 (localhost), which allows local users to gain privileges.
Max CVSS
7.2
EPSS Score
0.06%
Published
2006-08-11
Updated
2018-10-17

CVE-2006-4081

preview_email.cgi in Barracuda Spam Firewall (BSF) 3.3.01.001 through 3.3.03.053 allows remote attackers to execute commands via shell metacharacters ("|" pipe symbol) in the file parameter. NOTE: the attack can be extended to arbitrary commands by the presence of CVE-2006-4000.
Max CVSS
7.5
EPSS Score
13.40%
Published
2006-08-11
Updated
2018-10-17

CVE-2006-4001

Login.pm in Barracuda Spam Firewall (BSF) 3.3.01.001 through 3.3.03.053 contains a hard-coded password for the guest account, which allows remote attackers to read sensitive information such as e-mail logs, and possibly e-mail contents and the admin password.
Max CVSS
7.5
EPSS Score
1.88%
Published
2006-08-05
Updated
2018-10-17

CVE-2006-4000

Directory traversal vulnerability in cgi-bin/preview_email.cgi in Barracuda Spam Firewall (BSF) 3.3.01.001 through 3.3.03.053 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the file parameter.
Max CVSS
4.0
EPSS Score
1.05%
Published
2006-08-05
Updated
2018-10-17
4 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close