Summary
Multiple Barracuda Networks products are prone to a directory- traversal vulnerability because it fails to sufficiently sanitize user- supplied input.
A remote attacker can exploit this vulnerability using directory- traversal characters ('../') to access files that contain sensitive information that can aid in further attacks.
Affected:
Barracuda IM Firewall 3.4.01.004 and earlier
Barracuda Link Balancer 2.1.1.010 and earlier
Barracuda Load Balancer 3.3.1.005 and earlier
Barracuda Message Archiver 2.2.1.005 and earlier
Barracuda Spam & Virus Firewall 4.1.2.006 and earlier Barracuda SSL VPN 1.7.2.004 and earlier
Barracuda Web Application Firewall 7.4.0.022 and earlier Barracuda Web Filter 4.3.0.013 and earlier
References