Directory Traversal Vulnerability in Barracuda Spam Firewall
CVE-2005-2848

Currently unrated

Key Information:

Vendor: Barracuda Networks
Status: Barracuda Spam Firewall
Vendor: CVE Published:; 8 September 2005

🔔 Create Barracuda Networks Vulnerability Alert

What is CVE-2005-2848?

A directory traversal vulnerability exists in img.pl of the Barracuda Spam Firewall, enabling remote attackers to access sensitive files on the server. By manipulating the 'f' parameter, attackers can exploit the '..' sequence to traverse directories, potentially compromising the confidentiality of sensitive information. Users of Barracuda Spam Firewall firmware versions 3.1.16 and 3.1.17 should take immediate action to secure their systems against this threat.

References

http://securiweb.net/wiki/Ressources/AvisDeSecurite/2005.1

x_refsource_MISC

http://www.securitytracker.com/alerts/2005/Sep/1014837.html

vdb-entryx_refsource_SECTRACK

http://secunia.com/advisories/16683/

third-party-advisoryx_refsource_SECUNIA

EPSS Score

45% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 8, 2005
Vulnerability Reserved
Sep 8, 2005

JSON