Multiple Vulnerabilities in Barracuda Products

Posted: January 25, 2013 in Vulnerabilities

Vulnerability: Multiple Vulnerabilities in Barracuda Products

Danger level: Average

Number of vulnerabilities: 2

Exploitation vector: Remote
Impact: Security Bypass, System compromise

Affected products:

- Barracuda SSL VPN 3.x;
- Barracuda Load Balancer 3.x;
- Barracuda Link Balancer 3.x;
- Barracuda Web Application Firewall 3.x;
- Barracuda Message Archiver 3.x;
- Barracuda Web Filter 3.x.

Affected versions:

- Barracuda Spam and Virus Firewall 2.0.5;
- Barracuda Web Filter 2.0.5;
- Barracuda Message Archiver 2.0.5;
- Barracuda Web Application Firewall 2.0.5;
- Barracuda Link Balancer 2.0.5;
- Barracuda Load Balancer 2.0.5;
- Barracuda SSL VPN 2.0.5.

Description:

The discovered vulnerabilities can be exploited by malicious people to bypass certain security restrictions on the target system.

1. The first vulnerability is caused by a number of undocumented accounts, through which a remote user can log in via a terminal or SSH.

2. The second vulnerability exists because the SSH daemon accepts connections made from IP addresses belonging to a whitelist. This can be exploited to bypass security restrictions on the target system.
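A defender-side check for item 1, as an added example that is not part of the advisory: it lists accounts that have a login shell but are not on the operator's documented list. The passwd/shadow contents, the account names and the DOCUMENTED set are all constructed for illustration.

```python
# Added example: all account data below is constructed, not taken from any appliance.
NOLOGIN_SHELLS = {"/sbin/nologin", "/usr/sbin/nologin", "/bin/false"}
DOCUMENTED = {"root", "admin"}  # hypothetical: accounts the operator knows about

PASSWD = """\
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
admin:x:1000:1000:Documented admin:/home/admin:/bin/bash
svc_remote:x:1001:1001::/home/svc_remote:/bin/sh
svc_locked:x:1002:1002::/home/svc_locked:/bin/sh
backup2:x:0:0::/root:/bin/bash
"""
SHADOW = """\
root:$6$constructed$hashA:15700:0:99999:7:::
daemon:*:15700:0:99999:7:::
admin:$6$constructed$hashB:15700:0:99999:7:::
svc_remote:$1$constructed$hashC:15700:0:99999:7:::
svc_locked:!$6$constructed$hashD:15700:0:99999:7:::
backup2::15700:0:99999:7:::
"""

def parse_colon_file(text):
    """Yield field lists from passwd/shadow text, skipping blanks and comments."""
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#"):
            yield line.split(":")

def password_state(field):
    """'empty' = no password needed, 'locked' = password login disabled, else 'set'."""
    if field == "":
        return "empty"
    return "locked" if field[0] in "!*" else "set"

def undocumented_logins(passwd_text, shadow_text, documented):
    """Return (name, uid, password_state) for login-capable accounts not in documented."""
    shadow = {f[0]: f[1] for f in parse_colon_file(shadow_text) if len(f) > 1}
    findings = []
    for f in parse_colon_file(passwd_text):
        if len(f) < 7 or f[0] in documented or f[6] in NOLOGIN_SHELLS:
            continue
        # "x" means the hash lives in shadow; a missing shadow entry counts as locked.
        pw = shadow.get(f[0], "*") if f[1] == "x" else f[1]
        # Locked accounts are still reported: key-based SSH login may remain possible.
        findings.append((f[0], int(f[2]), password_state(pw)))
    return findings

if __name__ == "__main__":
    for name, uid, state in undocumented_logins(PASSWD, SHADOW, DOCUMENTED):
        print(f"{name}: uid={uid} password={state}" + ("  <-- uid 0" if uid == 0 else ""))
```

Any account reported with uid 0 or an empty password field deserves attention first.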

Manufacturer URL: https://www.barracudanetworks.com/

Solution: No fix for the vulnerability exists at present.

Links:

https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20130124-0_Barracuda_Appliances_Backdoor_wo_poc_v10.txt
