Lucene search

MitreCVE-2006-4082

HistoryAug 11, 2006 - 10:04 a.m.

CVE-2006-4082

2006-08-1110:04:00

mitre

web.nvd.nist.gov

cve-2006-4082

barracuda spam firewall

bsf

hardcoded password

admin account

privilege escalation

nvd

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.8

Confidence

High

EPSS

0.001

Percentile

37.6%

JSON

Barracuda Spam Firewall (BSF), possibly 3.3.03.053, contains a hardcoded password for the admin account for logins from 127.0.0.1 (localhost), which allows local users to gain privileges.

Affected configurations

Nvd

Node

barracuda_networksbarracuda_spam_firewallMatch3.3.03.053

VendorProductVersionCPE
barracuda_networksbarracuda_spam_firewall3.3.03.053cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:3.3.03.053:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
barracuda_networks	barracuda_spam_firewall	3.3.03.053	cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:3.3.03.053:::::::*

References

archives.neohapsis.com/archives/fulldisclosure/2006-08/0110.html

secunia.com/advisories/21258

securityreason.com/securityalert/1363

www.kb.cert.org/vuls/id/199348

www.osvdb.org/29780

www.securityfocus.com/archive/1/442249/100/0/threaded

www.securityfocus.com/bid/19276

exchange.xforce.ibmcloud.com/vulnerabilities/28235

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.8

Confidence

High

EPSS

0.001

Percentile

37.6%

JSON

Related for CVE-2006-4082