Solution #00006481
Scope:
Fixed in Web Application Firewall 7.8.0.010
Fixed in Web Application Firewall 7.7.0.026
Fixed in Message Archiver 3.2.0.026
Fixed in Message Archiver 3.5.0.008
Fixed in Load Balancer 4.2.2.007
Fixed in Load Balancer 4.2.0.019
Fixed in Load Balancer 4.1.0.035
Fixed in Load Balancer 3.6.1.011
Fixed in Barracuda ADC 5.0.0.007
Fixed in Barracuda ADC 5.0.1
Fixed in Spam Firewall 6.0.0.028
Fixed in Spam Firewall 5.1.3.005
Fixed in Spam Firewall 4.1.1.021
Fixed in Spam Firewall 3.5.12.025
Fixed in Spam Firewall 5.0.0.025
Fixed in Web Filter BNSF 7.0.0.015
Fixed in Web Filter 6.0.1.012
Fixed in Web Filter 6.0.1.009
Fixed in Link Balancer 2.4.2.008
Fixed in Barracuda Firewall 6.1.1.001
Fixed in Barracuda Firewall 6.1.0.0.016
Severity: High
Description:
Secdef 2.0.20131015 contains fixes for an unauthenticated remote command execution vulnerability fixed in the products and versions listed above. Successful exploitation of the vulnerability requires that the attacker have network access to the management interface of the affected product.
To ensure maximum protection Barracuda Networks recommends that all customers upgrade to the latest generally available firmware and enable all definition updates.
Credits:
Link to this page:
https://campus.barracuda.com/solution/501600000013a0zAAA