CVE-2007-6315

Name of the Vulnerable Software and Affected Versions BarracudaDrive Web Server versions prior to 3.8

Description The issue allows remote authenticated users to cause a denial of service, resulting in a crash, by sending a specific HTTP request to the "/eh/chat.ehintf/C" endpoint that does not contain a Connection ID. This results in a NULL pointer dereference.

Recommendations For versions prior to 3.8, update to version 3.8 or later to resolve the issue. As a temporary workaround, consider restricting access to the "/eh/chat.ehintf/C" endpoint to minimize the risk of exploitation.