CVE-2006-4001

{"id": "CVE-2006-4001", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": true, "userInteractionRequired": false}]}, "published": "2006-08-05T01:04:00.000", "references": [{"url": "http://secunia.com/advisories/21258", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/441857/100/0/threaded", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/442039/100/0/threaded", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/19276", "tags": ["Exploit"], "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2006/3104", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28213", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/21258", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/archive/1/441857/100/0/threaded", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/archive/1/442039/100/0/threaded", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/19276", "tags": ["Exploit"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.vupen.com/english/advisories/2006/3104", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28213", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Login.pm in Barracuda Spam Firewall (BSF) 3.3.01.001 through 3.3.03.053 contains a hard-coded password for the guest account, which allows remote attackers to read sensitive information such as e-mail logs, and possibly e-mail contents and the admin password."}, {"lang": "es", "value": "Login.pm en Barracuda Spam Firewall (BSF) 3.3.01.001 hasta la 3.3.03.053 contiene un cosntrase\u00f1a fuertemente codificada para la cuenta de invitado, lo cual permite que atacantes remotos puedan leer informaci\u00f3n sensible como el log del e-mail, y posiblemente los contenidos del e-mail y la contrase\u00f1a de admin."}], "lastModified": "2025-04-03T01:03:51.193", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:3.3.01.001:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4499AB68-D449-4A36-A243-F13F02C0EF95"}, {"criteria": "cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:3.3.03.053:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E9E13260-BC29-45D9-98F3-0C2D7CF72A42"}, {"criteria": "cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:3.3.03.055:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3DB02038-4858-4D43-9FB6-492E131227CA"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}