CVE-2006-4001

Name of the Vulnerable Software and Affected Versions Barracuda Spam Firewall versions 3.3.01.001 through 3.3.03.053

Description The issue concerns a hard-coded password for the guest account in the Login.pm module. This allows remote attackers to access sensitive information, including e-mail logs, and potentially e-mail contents and the admin password.

Recommendations For versions 3.3.01.001 through 3.3.03.053, consider changing the hard-coded password for the guest account to a unique and secure password, and restrict access to sensitive information until a patch is available. As a temporary workaround, restrict access to the Login.pm module to minimize the risk of exploitation.