Barracuda Networks Multiple Products 'view_help.cgi' Directory Traversal Vulnerability Network Vulnerability

Summary

Multiple Barracuda Networks products are prone to a directory- traversal vulnerability because it fails to sufficiently sanitize user- supplied input. A remote attacker can exploit this vulnerability using directory- traversal characters ('../') to access files that contain sensitive information that can aid in further attacks. Affected: Barracuda IM Firewall 3.4.01.004 and earlier Barracuda Link Balancer 2.1.1.010 and earlier Barracuda Load Balancer 3.3.1.005 and earlier Barracuda Message Archiver 2.2.1.005 and earlier Barracuda Spam & Virus Firewall 4.1.2.006 and earlier Barracuda SSL VPN 1.7.2.004 and earlier Barracuda Web Application Firewall 7.4.0.022 and earlier Barracuda Web Filter 4.3.0.013 and earlier

References

http://www.barracudanetworks.com/ns/?L=en_ca
http://www.barracudanetworks.com/ns/support/tech_alert.php
https://www.securityfocus.com/bid/43520

Updated on 2015-03-25

Severity

Classification

CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N

Related Vulnerabilities

Apache ActiveMQ Multiple Vulnerabilities
Apache Solr XML External Entity(XXE) Vulnerability-01 Jan-14
Apache Archiva Cross Site Request Forgery Vulnerability
Apache Tomcat HTTP BIO Connector Information Disclosure Vulnerability
Annuaire PHP 'sites_inscription.php' Cross Site Scripting Vulnerability

Take action and discover your vulnerabilities