mirror of https://github.com/nmap/nmap.git synced 2025-12-25 08:59:01 +00:00

Adds http-barracuda-dir-traversal -

Attempts to retrieve the configuration settings from the MySQL database 
dump on a Barracuda Networks Spam & Virus Firewall device using the 
directory traversal vulnerability in the "locale" parameter of 
"/cgi-mod/view_help.cgi" or "/cgi-bin/view_help.cgi".

The web administration interface runs on port 8000 by default.

Barracuda Networks Spam & Virus Firewall <= 4.1.1.021 Remote Configuration Retrieval
Original exploit by ShadowHatesYou <Shadow@SquatThis.net>
For more information, see:
http://seclists.org/fulldisclosure/2010/Oct/119
http://www.exploit-db.com/exploits/15130/
paulino
2011-06-28 23:43:34 +00:00
parent 832d1e91fa
commit 651197768b
2 changed files with 182 additions and 0 deletions

@@ -60,6 +60,7 @@ Entry { filename = "hddtemp-info.nse", categories = { "default", "discovery", "s
Entry { filename = "hostmap.nse", categories = { "discovery", "external", "intrusive", } }
Entry { filename = "http-affiliate-id.nse", categories = { "discovery", "safe", } }
Entry { filename = "http-auth.nse", categories = { "auth", "default", "safe", } }
Entry { filename = "http-barracuda-dir-traversal.nse", categories = { "auth", "exploit", "intrusive", } }
Entry { filename = "http-brute.nse", categories = { "auth", "intrusive", } }
Entry { filename = "http-cakephp-version.nse", categories = { "discovery", "safe", } }
Entry { filename = "http-date.nse", categories = { "discovery", "safe", } }
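
Review bot: the categories on the added http-barracuda-dir-traversal.nse entry are "auth", "exploit", "intrusive", with no "vuln", although the commit message describes the script as relying on a directory traversal vulnerability in the "locale" parameter. If the script also reports whether the device is affected, consider adding "vuln" to the categories field in the script itself and regenerating this file with nmap --script-updatedb so the entry and the script stay in sync. Keeping it out of "default" and "safe" is appropriate for a script that retrieves a configuration dump.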