|
|
|
|
| |
Credit:
The information has been provided by Benjamin Kunz Mejri.
The original article can be found at: http://www.vulnerability-lab.com/get_content.php?id=28
|
| |
Vulnerable Systems:
* Barracuda Networks Barracuda Spam & Virus WAF 600 0 and prior
Successful exploits will allow attacker-supplied HTML and script code to run in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials or control how the site is rendered to the user. Other attacks are also possible.
Multiple persistent Input Validation vulnerabilities are detected on Barracudas Spam & Virus Web Firewall 600. Local low privileged user account can implement/inject malicious persistent script code. When exploited by an authenticated user, the identified vulnerabilities
can lead to information disclosure, access to intranet available servers, manipulated persistent content.
Vulnerable Module(s):
[+] Trace route Device - Troubleshooting
[+] LDAP Configuration - LDAP Username
Affected Firmware(s):
[+] Firmware v4.0.1.009 & older versions
Proof of Concept:
The persistent vulnerabilities can be exploited by local low privileged user accounts with low required user inter action or by remote attackers with high required user inter action.
Manual Steps ...
1. Login to the Barracuda Application
2. Open the vulnerable area were the persistent vulnerability is located
3. Include/Insert your own script code or poc and save/execute the content to inject
4. View the injected results which were stored on application side. The code is getting executed in the output section
CVE Information:
CVE-2012-5316
Disclosure Timeline:
2011-04-01: Vendor Notification
2011-08-04: Vendor Response/Feedback
2011-12-22: Vendor Fix/Patch by Check
2012-01-19: Public or Non-Public Disclosure
|
|
|
|
|
