Barracuda Products SSH backdoor vulnerability

Last Update Date: 25 Jan 2013 12:33 Release Date: 25 Jan 2013 4376 Views

RISK: Medium Risk

Medium Risk

TYPE: Security software and application - Security Software & Appliance

TYPE: Security Software & Appliance

A vulnerability has identified in multiple Barracuda products. A remote user can gain access to the target system.

The system includes several undocumented SSH user accounts that cannot be disabled and can be accessed from certain whitelisted IP ranges. At least one account can be exploited to gain shell access on the target device.

Impact

  • LAN Based Remote Code Execution

System / Technologies affected

  • Barracuda Web Filter using Security Definition prior to 2.0.5
  • Barracuda Web Application Firewall using Security Definition prior to 2.0.5
  • Barracuda SSL VPN using Security Definition prior to 2.0.5
  • Barracuda Link Balancer using Security Definition prior to 2.0.5

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

  • Apply the Security Definition 2.0.5.

Vulnerability Identifier

  • No CVE information is available

Source

Related Link

Share with

Previous

Cisco Wireless LAN Controller Multipule Vulnerabilities

24 Jan 2013 4395 Views

Next

Mass Scam Email Impersonating HKCERT Distributing Malware

25 Jan 2013 4306 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY