Vulnerability Details CVE-2005-2848
Directory traversal vulnerability in img.pl in Barracuda Spam Firewall running firmware 3.1.16 and 3.1.17 allows remote attackers to read arbitrary files via a .. (dot dot) in the f parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.45
EPSS Ranking 97.4%
CVSS Severity
CVSS v2 Score 5.0
References
- http://marc.info/?l=bugtraq&m=112560044813390&w=2
- http://secunia.com/advisories/16683/
- http://securiweb.net/wiki/Ressources/AvisDeSecurite/2005.1
- http://www.securityfocus.com/bid/14710
- http://www.securitytracker.com/alerts/2005/Sep/1014837.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/22120
- http://marc.info/?l=bugtraq&m=112560044813390&w=2
- http://secunia.com/advisories/16683/
- http://securiweb.net/wiki/Ressources/AvisDeSecurite/2005.1
- http://www.securityfocus.com/bid/14710
- http://www.securitytracker.com/alerts/2005/Sep/1014837.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/22120
Products affected by CVE-2005-2848
-
cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:3.1.16
-
cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:3.1.17