Barracuda Spam Firewall < 3.5.12.007 Multiple Vulnerabilities (SQLi, XSS)

high Nessus Network Monitor Plugin ID 4795

Synopsis

The remote web server contains CGI scripts that are affected by several issues.

Description

The remote Barracuda Spam Firewall device is using a firmware version earlier than 3.5.12.007. Such versions reportedly are affected by several issues :

- There is a SQL injection vulnerability involving the 'pattern_x' parameter (where x=0...n) of the 'cgi-bin/index.cgi' script when 'filter_x' is set to 'search_count_equals'. Successful exploitation requires credentials. (CVE-2008-1094)

- There are multiple cross-site scripting vulnerabilities due to a failure to sanitize user input when displaying error messages and involving multiple hidden input elements. (CVE-2008-0971)

Solution

Update to firmware version 3.5.12.007 or higher.

See Also

http://dcsl.ul.ie/advisories/02.htm

http://dcsl.ul.ie/advisories/03.htm

http://archives.neohapsis.com/archives/bugtraq/2008-12/0174.html

http://archives.neohapsis.com/archives/bugtraq/2008-12/0175.html

http://www.barracudanetworks.com/ns/support/tech_alert.php

Plugin Details

Severity: High

ID: 4795

Family: Web Servers

Published: 12/22/2008

Updated: 3/6/2019

Nessus ID: 35224

Risk Information

VPR

Risk Factor: Medium

Score: 6.6

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.2

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS v3

Risk Factor: High

Base Score: 7.3

Temporal Score: 6.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C

Vulnerability Information

CPE: cpe:/h:barracuda_networks:barracuda_spam_firewall

Reference Information

CVE: CVE-2008-0971, CVE-2008-1094

BID: 32867