Barracuda Networks Multiple Products 'view_help.cgi' Directory Traversal Vulnerability Network Vulnerability

Summary

Multiple Barracuda Networks products are prone to a directory- traversal vulnerability because it fails to sufficiently sanitize user- supplied input. A remote attacker can exploit this vulnerability using directory- traversal characters ('../') to access files that contain sensitive information that can aid in further attacks. Affected: Barracuda IM Firewall 3.4.01.004 and earlier Barracuda Link Balancer 2.1.1.010 and earlier Barracuda Load Balancer 3.3.1.005 and earlier Barracuda Message Archiver 2.2.1.005 and earlier Barracuda Spam & Virus Firewall 4.1.2.006 and earlier Barracuda SSL VPN 1.7.2.004 and earlier Barracuda Web Application Firewall 7.4.0.022 and earlier Barracuda Web Filter 4.3.0.013 and earlier

References

http://www.barracudanetworks.com/ns/?L=en_ca
http://www.barracudanetworks.com/ns/support/tech_alert.php
https://www.securityfocus.com/bid/43520

Updated on 2015-03-25

Severity

Classification

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:P/I:N/A:N

Related Vulnerabilities

Abtp Portal Project 'ABTPV_BLOQUE_CENT' Parameter Local and Remote File Include Vulnerabilities
Aardvark Topsites PHP 'index.php' Multiple Cross Site Scripting Vulnerabilities
Apache Tomcat Multiple Vulnerabilities June-09
A Really Simple Chat Multiple XSS Vulnerabilities
123 Flash Chat Multiple Security Vulnerabilities

Take action and discover your vulnerabilities