News: Cexx forums, with volunteers dedicated to helping you remove malware and stay protected
 
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
May 24, 2013, 22:26:48
linktree cexx.org - Support Forums  >  Everything Else  >  Tech Talk
linktree Topic: Barracuda appliances - updates
Pages: [1]   Go Down
« previous next »
  Print  
Topic: Barracuda appliances - updates  (Read 147 times)
0 Members and 1 Guest are viewing this topic.
« on: January 24, 2013, 08:37:16 »
AplusWebMaster Offline
Global Moderator WWW
Karma: 501
Posts: 7328
FYI...

Barracuda appliances - backdoors ...
- http://h-online.com/-1790947
24 Jan 2013 - "Almost -all- appliances from Barracuda Networks were delivered with a fixed, preset user account through which, using SSH, you can remotely access the device... the following appliances are affected:
• Barracuda Spam and Virus Firewall
• Barracuda Web Filter
• Barracuda Message Archiver
• Barracuda Web Application Firewall
• Barracuda Link Balancer
• Barracuda Load Balancer
• Barracuda SSL VPN
Also affected are the virtual Vx versions of the listed appliances. Barracuda has released a security update* as "Security Definitions 2.0.5"*. The update changes the sshd configuration to only allow cluster, remote and root to log into the system, with the first two accounts using public/private keys and the latter using a password. Barracuda says that the accounts are "essential for customer support" and will not be removed. The filters on the devices are not being changed in the update and Viehboeck believes the root user might still be crackable. He suggests either placing the appliances behind a firewall that blocks incoming connections to port 22 or contacting Barracuda to get expert assistance in disabling the SSH daemon..."
* https://www.barracudanetworks.com/support/techalerts#40
2013-01-23 - "... Customers are advised to update their Security Definitions to v2.0.5 immediately..."

- https://krebsonsecurity.com/2013/01/backdoors-found-in-barracuda-networks-gear/
24 Jan 2013
___

Barracuda SSL VPN Bug Lets Remote Users Bypass Authentication
- http://www.securitytracker.com/id/1028039
Barracuda Web Filter SSH Backdoor Lets Remote Users Access the System
- http://www.securitytracker.com/id/1028038
Barracuda Web Application Firewall SSH Backdoor Lets Remote Users Access the System
- http://www.securitytracker.com/id/1028037
Barracuda SSL VPN SSH Backdoor Lets Remote Users Access the System
- http://www.securitytracker.com/id/1028036
Barracuda Link Balancer SSH Backdoor Lets Remote Users Access the System
- http://www.securitytracker.com/id/1028035

 Exclamation Exclamation
« Last Edit: January 25, 2013, 03:27:00 by AplusWebMaster » Logged
This machine has no brain.
....... Use your own.
Browser check for updates here.
.
 
Pages: [1]   Go Up
  Print  
« previous next »
 
Jump to:  

Powered by SMF 1.1.18 | SMF © 2013, Simple Machines Page created in 0.127 seconds with 20 queries.