Sign-up

ID

VAR-200509-0169


CVE

CVE-2005-2847


TITLE

Barracuda Spam Firewall IMG.PL Remote Command Execution Vulnerability

Trust: 0.9

sources: BID: 14712 // CNNVD: CNNVD-200509-075

DESCRIPTION

img.pl in Barracuda Spam Firewall running firmware 3.1.16 and 3.1.17 allows remote attackers to execute arbitrary commands via shell metacharacters in the f parameter. This issue arises when user-specified commands are supplied to the Web interface of the device. An attacker can supply arbitrary commands and have them executed in the context of the server. This issue may facilitate unauthorized remote access. Barracuda Spam Firewall firmware 3.1.17 and prior versions are affected by this issue. The img.pl script tries to disconnect the file when the user finishes reading it. In /cgi-bin/img.pl script: my $file_img=\"/tmp/\".CGI::param(\'\'f\'\'); open (IMG, $file_img) or die \ "Could not open image because: $!\n\"; ... unlink ($file_img); The perl open function can also be used to execute commands. If the string ends with \"|\", the script executes the command

Trust: 1.26

sources: NVD: CVE-2005-2847 // BID: 14712 // VULHUB: VHN-14056

AFFECTED PRODUCTS

vendor:barracudamodel:spam firewallscope:eqversion:3.1.17

Trust: 1.6

vendor:barracudamodel:spam firewallscope:eqversion:3.1.16

Trust: 1.6

vendor:barracudamodel:networks barracuda spam firewallscope:eqversion:3.1.17

Trust: 0.3

vendor:barracudamodel:networks barracuda spam firewallscope:neversion:3.1.18

Trust: 0.3

sources: BID: 14712 // NVD: CVE-2005-2847 // CNNVD: CNNVD-200509-075

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD: CVE-2005-2847
value: HIGH

Trust: 1.0

CNNVD: CNNVD-200509-075
value: HIGH

Trust: 0.6

VULHUB: VHN-14056
value: HIGH

Trust: 0.1

NVD:
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: FALSE
obtainAllPrivilege: FALSE
obtainUserPrivilege: TRUE
obtainOtherPrivilege: FALSE
userInteractionRequired: FALSE
version: 2.0

Trust: 1.0

VULHUB: VHN-14056
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-14056 // NVD: CVE-2005-2847 // CNNVD: CNNVD-200509-075

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2005-2847

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200509-075

TYPE

input validation

Trust: 0.6

sources: CNNVD: CNNVD-200509-075

CONFIGURATIONS

sources:
            
            
            NVD: CVE-2005-2847

EXPLOIT AVAILABILITY
sources:
            
            
            VULHUB: VHN-14056

EXTERNAL IDS
db:BIDid:14712
Trust: 2.0
db:SECTRACKid:1014837
Trust: 1.7
db:NVDid:CVE-2005-2847
Trust: 1.7
db:SECUNIAid:16683
Trust: 1.7
db:CNNVDid:CNNVD-200509-075
Trust: 0.7
db:BUGTRAQid:20050901 [SECURIWEB.2005.1] - BARRACUDA SPAM FIREWALL ADVISORY
Trust: 0.6
db:SEEBUGid:SSVID-71388
Trust: 0.1
db:SEEBUGid:SSVID-63243
Trust: 0.1
db:PACKETSTORMid:82353
Trust: 0.1
db:EXPLOIT-DBid:1236
Trust: 0.1
db:EXPLOIT-DBid:16893
Trust: 0.1
db:VULHUBid:VHN-14056
Trust: 0.1
sources:
            
            
            VULHUB: VHN-14056 // 
            
            
            
            BID: 14712 // 
            
            
            
            NVD: CVE-2005-2847 // 
            
            
            
            CNNVD: CNNVD-200509-075

REFERENCES
url:http://www.securityfocus.com/bid/14712
Trust: 1.7
url:http://www.securiweb.net/wiki/ressources/avisdesecurite/2005.1
Trust: 1.7
url:http://www.securitytracker.com/alerts/2005/sep/1014837.html
Trust: 1.7
url:http://secunia.com/advisories/16683/
Trust: 1.7
url:http://marc.info/?l=bugtraq&m=112560044813390&w=2
Trust: 1.0
url:http://marc.theaimsgroup.com/?l=bugtraq&m=112560044813390&w=2
Trust: 0.6
url:http://www.barracudanetworks.com/ns/products/spam_overview.php
Trust: 0.3
url:/archive/1/409665
Trust: 0.3
url:http://marc.info/?l=bugtraq&m=112560044813390&w=2
Trust: 0.1
sources:
            
            
            VULHUB: VHN-14056 // 
            
            
            
            BID: 14712 // 
            
            
            
            NVD: CVE-2005-2847 // 
            
            
            
            CNNVD: CNNVD-200509-075

CREDITS
Francois Harvey  fharvey@securiweb.net
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-200509-075

SOURCES
db:VULHUBid:VHN-14056
db:BIDid:14712
db:NVDid:CVE-2005-2847
db:CNNVDid:CNNVD-200509-075

LAST UPDATE DATE
2023-12-18T12:40:21.216000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-14056date:2016-10-18T00:00:00
db:BIDid:14712date:2005-09-01T00:00:00
db:NVDid:CVE-2005-2847date:2016-10-18T03:30:47.743
db:CNNVDid:CNNVD-200509-075date:2006-08-23T00:00:00

SOURCES RELEASE DATE
db:VULHUBid:VHN-14056date:2005-09-08T00:00:00
db:BIDid:14712date:2005-09-01T00:00:00
db:NVDid:CVE-2005-2847date:2005-09-08T10:03:00
db:CNNVDid:CNNVD-200509-075date:2005-09-08T00:00:00