Firewall, VPN and spam filtering products from Barracuda Networks
contains hidden hard coded backdoor ed SSH accounts, that allow any
hacker to remotely log in and root access sensitive information.
According to an advisory published by Stefan Viehböck
of SEC Consult Vulnerability Lab reported the vulnerabilities in
default firewall configuration and default user accounts on the
unit. Barracuda were informed of the vulnerabilities at the end of
November.
All Barracuda Networks appliances with the exception of the Barracuda
Backup Server, Barracuda Firewall, and Barracuda NG Firewall are
potentially affected i.e Barracuda Spam and Virus Firewall, Barracuda
Web Filter, Barracuda Message Archiver, Barracuda Web Application
Firewall, Barracuda Link Balancer, Barracuda Load Balancer, Barracuda
SSL VPN, CudaTel.
Barracuda recommended that all customers immediately update their
Barracuda security definitions to v2.0.5, ensure the products' security
definitions are set to on, and check that they're using the most recent
firmware. In an attempt to limit access to the backdoor, Barracuda added
network rules which only allow access to SSH from certain IP addresses.
No comments:
Post a Comment