Friday, January 25, 2013

Backdoors Found in Barracuda Networks Products

An extensive list of firewalls, spam filtering equipment and the creation of virtual private networks, manufactured by Barracuda Networks, contains undocumented backdoor by which a remote user can log in to the management system and gain access to restricted data. With such a warning came on the eve of the Austrian IT company SEC Consult Vulnerability Lab.

According to representatives of the company, is a backdoor in the system firmware of multiple Barracuda Networks product and using it to gain unauthorized access to sensitive devices. "This functionality is not documented anywhere, and can only be disabled through the hidden dialog expert settings" - Austrian experts warn.

Barracuda Devices, customizable to wiretap SSH-connections using backdoor take as a login to enter the word product, but as a password - empty string. After entering this data, the potential intruder appears access to the internal database MySQL. It also reported that the device can run the backdoor only with a narrow range of IP-addresses, and does not belong to the range of the manufacturer.

However, if the attacker access the device with the specified IP, or fake it, he can also get a full SSH-access. In most Barracuda Networks confirmed the problem, saying that in this case it is possible with a number of IP-addresses unprivileged access to the devices of the company. According to the company, this problem is a consequence of the error standard configuration.

Related links:

No comments:

Post a Comment