Detections
Analytics
Barracuda Spam Firewall < 3.5.12.007 Multiple Vulnerabilities
medium Nessus Plugin ID 35224
Language:
Synopsis
The remote web server contains CGI scripts that are affected by several issues.Description
The remote Barracuda Spam Firewall device is using a firmware version prior to version 3.5.12.007. It is, therefore, reportedly affected by several issues :- There is a remote SQL injection vulnerability involving the 'pattern_x' parameter (where x=0...n) of the 'cgi-bin/index.cgi' script when 'filter_x' is set to 'search_count_equals'. Successful exploitation requires credentials. (CVE-2008-1094)
- There are multiple cross-site scripting vulnerabilities due to a failure to sanitize user input when displaying error messages and involving multiple hidden input elements. (CVE-2008-0971)
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported firmware version.
Solution
Update to firmware release 3.5.12.007 or later.See Also
http://www.nessus.org/u?4d7c04e2
http://www.nessus.org/u?6e6d7709
https://seclists.org/bugtraq/2008/Dec/174
Plugin Details
Severity: Medium
ID: 35224
File Name: barracuda_spam_firewall_3_5_12_007.nasl
Version: 1.17
Type: remote
Family: CGI abuses
Published: 12/19/2008
Updated: 1/19/2021
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 6.6
CVSS v2
Risk Factor: Medium
Base Score: 6.5
Temporal Score: 5.1
Vector: CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P
Vulnerability Information
CPE: cpe:/h:barracuda_networks:barracuda_spam_firewall
Required KB Items: www/barracuda_spamfw
Exploit Available: true
Exploit Ease: Exploits are available
Reference Information
CVE: CVE-2008-0971, CVE-2008-1094
BID: 32867