Page 2 of 8 results (0.005 seconds)

CVSS: 7.5EPSS: 13%CPEs: 2EXPL: 2

preview_email.cgi in Barracuda Spam Firewall (BSF) 3.3.01.001 through 3.3.03.053 allows remote attackers to execute commands via shell metacharacters ("|" pipe symbol) in the file parameter. NOTE: the attack can be extended to arbitrary commands by the presence of CVE-2006-4000. preview_email.cgi en Barracuda Spam Firewall (BSF) 3.3.01.001 hasta 3.3.03.053 permite a atacantes remotos ejecutar comandos mediante metacaracteres de línea de comandos ("|" símbolo de tubería) en el parámetro file. NOTA: el ataque puede extenderse a comandos de su elección por la presencia de CVE-2006-4000. • https://www.exploit-db.com/exploits/2136 https://www.exploit-db.com/exploits/2145 http://archives.neohapsis.com/archives/fulldisclosure/2006-08/0110.html http://secunia.com/advisories/21258 http://securityreason.com/securityalert/1363 http://www.securityfocus.com/archive/1/442132/100/0/threaded http://www.securityfocus.com/archive/1/442249/100/0/threaded http://www.securityfocus.com/bid/19276 https://exchange.xforce.ibmcloud.com/vulnerabilities/28234 •

CVSS: 4.0EPSS: 1%CPEs: 3EXPL: 2

Directory traversal vulnerability in cgi-bin/preview_email.cgi in Barracuda Spam Firewall (BSF) 3.3.01.001 through 3.3.03.053 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the file parameter. Vulnerabilidad de salto de directorio en cgi-bin/preview_email.cgi en Barracuda Spam Firewall (BSF) 3.3.01.001 hasta la 3.3.03.053 permite a usuarios remotos validados leer archivos de su elección a través de la secuencia ..(punto punto) en el parámetro file. • https://www.exploit-db.com/exploits/28321 http://secunia.com/advisories/21258 http://www.securityfocus.com/archive/1/441861/100/0/threaded http://www.securityfocus.com/bid/19276 http://www.vupen.com/english/advisories/2006/3104 https://exchange.xforce.ibmcloud.com/vulnerabilities/28214 •

CVSS: 7.5EPSS: 1%CPEs: 3EXPL: 1

Login.pm in Barracuda Spam Firewall (BSF) 3.3.01.001 through 3.3.03.053 contains a hard-coded password for the guest account, which allows remote attackers to read sensitive information such as e-mail logs, and possibly e-mail contents and the admin password. Login.pm en Barracuda Spam Firewall (BSF) 3.3.01.001 hasta la 3.3.03.053 contiene un cosntraseña fuertemente codificada para la cuenta de invitado, lo cual permite que atacantes remotos puedan leer información sensible como el log del e-mail, y posiblemente los contenidos del e-mail y la contraseña de admin. • http://secunia.com/advisories/21258 http://www.securityfocus.com/archive/1/441857/100/0/threaded http://www.securityfocus.com/archive/1/442039/100/0/threaded http://www.securityfocus.com/bid/19276 http://www.vupen.com/english/advisories/2006/3104 https://exchange.xforce.ibmcloud.com/vulnerabilities/28213 •