SQL Injection Vulnerability in Barracuda Spam Firewall by Barracuda Networks
CVE-2008-1094

Currently unrated

Key Information:

Vendor

Barracuda Networks

Status
Barracuda Spam Firewall
Vendor
CVE Published:
19 December 2008

What is CVE-2008-1094?

An SQL injection vulnerability exists in the index.cgi script of the Barracuda Spam Firewall, specifically in the Account View page. The flaw allows remote authenticated administrators to execute arbitrary SQL commands by manipulating the 'pattern_x' parameter in the 'search_count_equals' action. This issue has been confirmed in versions before 3.5.12.007, potentially exposing sensitive database information and leading to unauthorized access.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://www.exploit-db.com/exploits/7496
exploitx_refsource_EXPLOIT-DB
http://secunia.com/advisories/33164
third-party-advisoryx_refsource_SECUNIA
http://www.securityfocus.com/archive/1/499293/100/0/threaded
mailing-listx_refsource_BUGTRAQ

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.