preview_email.cgi in Barracuda Spam Firewall (BSF) 3.3.01.001 up to and including 3.3.03.053 allows remote malicious users to execute commands via shell metacharacters ("|" pipe symbol) in the file parameter. NOTE: the attack can be extended to arbitrary commands by the presence of CVE-2006-4000.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
barracuda networks barracuda spam firewall 3.3.01.001 |
||
barracuda networks barracuda spam firewall 3.3.03.053 |