CVE-2006-4000

Published: Aug 5, 2006Modified: Apr 16, 2026

4.0

Vector

AV:N/AC:L/Au:S/C:P/I:N/A:N

Exploitability: 8.0 / Impact: 2.9

Source: NVD

Description

Directory traversal vulnerability in cgi-bin/preview_email.cgi in Barracuda Spam Firewall (BSF) 3.3.01.001 through 3.3.03.053 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the file parameter.

Affected (3)

Products: Barracuda Networks: Barracuda Spam Firewall

Barracuda Networks

1 product

Barracuda Spam Firewall

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Barracuda Networks Barracuda Spam Firewall	Version 3.3.01.001
Barracuda Networks Barracuda Spam Firewall	Version 3.3.03.053
Barracuda Networks Barracuda Spam Firewall	Version 3.3.03.055

References (10)

http://secunia.com/advisories/21258

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/441861/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/bid/19276

Source: cve@mitre.org

Exploit

http://www.vupen.com/english/advisories/2006/3104

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/28214

Source: cve@mitre.org

http://secunia.com/advisories/21258

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/archive/1/441861/100/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/19276

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit

http://www.vupen.com/english/advisories/2006/3104

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/28214

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.