preview_email.cgi in Barracuda Spam Firewall (BSF) 3.3.01.001 through 3.3.03.053 allows remote attackers to execute commands via shell metacharacters ("|" pipe symbol) in the file parameter. NOTE: the attack can be extended to arbitrary commands by the presence of CVE-2006-4000.
References
Configurations
Configuration 1 (hide)
|
Information
Published : 2006-08-11 03:04
Updated : 2018-10-17 14:33
NVD link : CVE-2006-4081
Mitre link : CVE-2006-4081
JSON object : View
CWE
Products Affected
barracuda_networks
- barracuda_spam_firewall