Vulnerability Details CVE-2005-2847
img.pl in Barracuda Spam Firewall running firmware 3.1.16 and 3.1.17 allows remote attackers to execute arbitrary commands via shell metacharacters in the f parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.878
EPSS Ranking 99.4%
CVSS Severity
CVSS v2 Score 7.5
References
- http://marc.info/?l=bugtraq&m=112560044813390&w=2
- http://secunia.com/advisories/16683/
- http://www.securityfocus.com/bid/14712
- http://www.securitytracker.com/alerts/2005/Sep/1014837.html
- http://www.securiweb.net/wiki/Ressources/AvisDeSecurite/2005.1
- http://marc.info/?l=bugtraq&m=112560044813390&w=2
- http://secunia.com/advisories/16683/
- http://www.securityfocus.com/bid/14712
- http://www.securitytracker.com/alerts/2005/Sep/1014837.html
- http://www.securiweb.net/wiki/Ressources/AvisDeSecurite/2005.1
Products affected by CVE-2005-2847
-
cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:3.1.16
-
cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:3.1.17