Details of VAR-200812-0328

ID

VAR-200812-0328

CVE

CVE-2008-1094

TITLE

Barracuda Spam Firewall of Account View In the page index.cgi In SQL Injection vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2008-002512

DESCRIPTION

SQL injection vulnerability in index.cgi in the Account View page in Barracuda Spam Firewall (BSF) before 3.5.12.007 allows remote authenticated administrators to execute arbitrary SQL commands via a pattern_x parameter in a search_count_equals action, as demonstrated by the pattern_0 parameter. Multiple Barracuda products are prone to multiple input-validation vulnerabilities, including multiple cross-site scripting vulnerabilities, an HTML-injection vulnerability, and an SQL-injection vulnerability. Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. Versions prior to the following are affected: Barracuda Message Archiver to 1.2.1.002. Barracuda Spam Firewall 3.5.12.007 and prior Barracuda Web Filter 3.3.0.052 and prior Barracuda IM Firewall 3.1.01.017 and prior Barracuda Load Balancer 2.3.024 and prior. Barracuda Spam Firewall is an integrated hardware and software spam solution for protecting mail servers. ---------------------------------------------------------------------- Did you know that a change in our assessment rating, exploit code availability, or if an updated patch is released by the vendor, is not part of this mailing-list? Click here to learn more: http://secunia.com/advisories/business_solutions/ ---------------------------------------------------------------------- TITLE: Barracuda Products Cross-Site Scripting Vulnerabilities SECUNIA ADVISORY ID: SA33164 VERIFY ADVISORY: http://secunia.com/advisories/33164/ CRITICAL: Less critical IMPACT: Cross Site Scripting WHERE: >From remote OPERATING SYSTEM: Barracuda Spam Firewall http://secunia.com/advisories/product/4639/ Barracuda IM Firewall http://secunia.com/advisories/product/20790/ Barracuda Load Balancer http://secunia.com/advisories/product/20791/ Barracuda Message Archiver http://secunia.com/advisories/product/20788/ Barracuda Web Filter http://secunia.com/advisories/product/20789/ DESCRIPTION: Dr. Input passed to various parameters is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. SOLUTION: Update to the latest version. Marian Ventuneac, Data Communications Security Laboratory, University of Limerick ORIGINAL ADVISORY: Barracuda Networks: http://www.barracudanetworks.com/ns/support/tech_alert.php Dr. Marian Ventuneac: http://dcsl.ul.ie/advisories/02.htm http://dcsl.ul.ie/advisories/03.htm ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 2.07

sources: NVD: CVE-2008-1094 // JVNDB: JVNDB-2008-002512 // BID: 32867 // VULHUB: VHN-31219 // PACKETSTORM: 73049

AFFECTED PRODUCTS

vendor:	barracuda	model:	spam firewall	scope:	lte	version:	3.5.11.020	Trust: 1.0
vendor:	barracuda	model:	spam firewall	scope:	eq	version:	3.5.11.020	Trust: 0.9
vendor:	barracuda	model:	spam firewall	scope:	lt	version:	3.5.12.007	Trust: 0.8
vendor:	barracuda	model:	web filter	scope:	eq	version:	3.3.0.038	Trust: 0.3
vendor:	barracuda	model:	message archiver	scope:	eq	version:	1.1.0.010	Trust: 0.3
vendor:	barracuda	model:	load balancer	scope:	eq	version:	2.2.6	Trust: 0.3
vendor:	barracuda	model:	im firewall	scope:	eq	version:	3.0.01.008	Trust: 0.3
vendor:	barracuda	model:	web filter	scope:	ne	version:	3.3.0.052	Trust: 0.3
vendor:	barracuda	model:	spam firewall	scope:	ne	version:	3.5.12.007	Trust: 0.3
vendor:	barracuda	model:	message archiver	scope:	ne	version:	1.2.1.002	Trust: 0.3
vendor:	barracuda	model:	load balancer	scope:	ne	version:	2.3.24	Trust: 0.3
vendor:	barracuda	model:	im firewall	scope:	ne	version:	3.1.01.017	Trust: 0.3

sources: BID: 32867 // JVNDB: JVNDB-2008-002512 // CNNVD: CNNVD-200812-370 // NVD: CVE-2008-1094

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2008-1094
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2008-1094
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-200812-370
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-31219
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2008-1094
severity:	MEDIUM
baseScore:	6.5
vectorString:	AV:N/AC:L/AU:S/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-31219
severity:	MEDIUM
baseScore:	6.5
vectorString:	AV:N/AC:L/AU:S/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-31219 // JVNDB: JVNDB-2008-002512 // CNNVD: CNNVD-200812-370 // NVD: CVE-2008-1094

PROBLEMTYPE DATA

problemtype:

CWE-89

Trust: 1.9

sources: VULHUB: VHN-31219 // JVNDB: JVNDB-2008-002512 // NVD: CVE-2008-1094

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200812-370

TYPE

SQL injection

Trust: 0.6

sources: CNNVD: CNNVD-200812-370

CONFIGURATIONS

sources: JVNDB: JVNDB-2008-002512

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-31219

PATCH

title:

Barracuda Spam Firewall resolved potential issue associated with the Users → Accounts View page

url:

http://www.barracudanetworks.com/ns/support/tech_alert.php

Trust: 0.8

sources: JVNDB: JVNDB-2008-002512

EXTERNAL IDS

db:	NVD	id:	CVE-2008-1094	Trust: 2.8
db:	SECUNIA	id:	33164	Trust: 2.6
db:	SECTRACK	id:	1021455	Trust: 2.5
db:	SREASON	id:	4793	Trust: 1.7
db:	EXPLOIT-DB	id:	7496	Trust: 1.7
db:	JVNDB	id:	JVNDB-2008-002512	Trust: 0.8
db:	MILW0RM	id:	7496	Trust: 0.6
db:	BUGTRAQ	id:	20081216 CVE-2008-1094 - BARRACUDA SPAN FIREWALL SQL INJECTION VULNERABILITY	Trust: 0.6
db:	CNNVD	id:	CNNVD-200812-370	Trust: 0.6
db:	BID	id:	32867	Trust: 0.3
db:	PACKETSTORM	id:	73064	Trust: 0.1
db:	SEEBUG	id:	SSVID-66066	Trust: 0.1
db:	VULHUB	id:	VHN-31219	Trust: 0.1
db:	PACKETSTORM	id:	73049	Trust: 0.1

sources: VULHUB: VHN-31219 // BID: 32867 // JVNDB: JVNDB-2008-002512 // PACKETSTORM: 73049 // CNNVD: CNNVD-200812-370 // NVD: CVE-2008-1094

REFERENCES

url:	http://securitytracker.com/id?1021455	Trust: 2.5
url:	http://secunia.com/advisories/33164	Trust: 2.5
url:	http://www.barracudanetworks.com/ns/support/tech_alert.php	Trust: 2.1
url:	http://dcsl.ul.ie/advisories/02.htm	Trust: 2.1
url:	http://securityreason.com/securityalert/4793	Trust: 1.7
url:	http://www.securityfocus.com/archive/1/499293/100/0/threaded	Trust: 1.1
url:	https://www.exploit-db.com/exploits/7496	Trust: 1.1
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-1094	Trust: 0.8
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1094	Trust: 0.8
url:	http://www.securityfocus.com/archive/1/archive/1/499293/100/0/threaded	Trust: 0.6
url:	http://www.milw0rm.com/exploits/7496	Trust: 0.6
url:	http://dcsl.ul.ie/advisories/03.htm	Trust: 0.4
url:	http://www.barracudanetworks.com/ns/?l=en_ca	Trust: 0.3
url:	/archive/1/499294	Trust: 0.3
url:	/archive/1/499293	Trust: 0.3
url:	http://secunia.com/advisories/33164/	Trust: 0.1
url:	http://secunia.com/advisories/product/4639/	Trust: 0.1
url:	http://secunia.com/advisories/product/20791/	Trust: 0.1
url:	http://secunia.com/advisories/product/20788/	Trust: 0.1
url:	http://secunia.com/advisories/secunia_security_advisories/	Trust: 0.1
url:	http://secunia.com/advisories/product/20789/	Trust: 0.1
url:	http://secunia.com/advisories/business_solutions/	Trust: 0.1
url:	http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org	Trust: 0.1
url:	http://secunia.com/advisories/product/20790/	Trust: 0.1
url:	http://secunia.com/advisories/about_secunia_advisories/	Trust: 0.1

sources: VULHUB: VHN-31219 // BID: 32867 // JVNDB: JVNDB-2008-002512 // PACKETSTORM: 73049 // CNNVD: CNNVD-200812-370 // NVD: CVE-2008-1094

CREDITS

Marian Ventuneac※ marian.ventuneac@ul.ie

Trust: 0.6

sources: CNNVD: CNNVD-200812-370

SOURCES

db:	VULHUB	id:	VHN-31219
db:	BID	id:	32867
db:	JVNDB	id:	JVNDB-2008-002512
db:	PACKETSTORM	id:	73049
db:	CNNVD	id:	CNNVD-200812-370
db:	NVD	id:	CVE-2008-1094

LAST UPDATE DATE

2025-04-10T23:21:34.719000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-31219	date:	2018-10-11T00:00:00
db:	BID	id:	32867	date:	2008-12-19T18:42:00
db:	JVNDB	id:	JVNDB-2008-002512	date:	2011-06-06T00:00:00
db:	CNNVD	id:	CNNVD-200812-370	date:	2009-01-29T00:00:00
db:	NVD	id:	CVE-2008-1094	date:	2025-04-09T00:30:58.490

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-31219	date:	2008-12-19T00:00:00
db:	BID	id:	32867	date:	2008-12-16T00:00:00
db:	JVNDB	id:	JVNDB-2008-002512	date:	2011-06-06T00:00:00
db:	PACKETSTORM	id:	73049	date:	2008-12-16T12:16:02
db:	CNNVD	id:	CNNVD-200812-370	date:	2008-12-19T00:00:00
db:	NVD	id:	CVE-2008-1094	date:	2008-12-19T17:30:02.827