Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-2849


Vulnerability Score 6.4 6.4
CVE Id CVE-2005-2849
Last Modified 05 Sep 2008 04:52:49
Published 08 Sep 2005 06:03:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



Argument injection vulnerability in Barracuda Spam Firewall running firmware 3.1.16 and 3.1.17 allows remote attackers to (1) read portions of source code via the -f option to Dig (dig_device.cgi), (2) determine file existence via the -r argument to Tcpdump (tcpdump_device.cgi) or (3) modify files in the cgi-bin directory via the -w argument to Tcpdump.

Vulnerable Systems


SECTRACK - 1014837


SECUNIA - 16683

BUGTRAQ - 20050901 [SecuriWeb.2005.1] - Barracuda SPAM firewall advisory

Last Updated: 27 May 2016 10:40:40