Friday, January 25, 2013
Backdoors Found in Barracuda Networks Products
According to representatives of the company, there is a backdoor in the system firmware of multiple Barracuda Networks products, and it can be used to gain unauthorized access to sensitive devices. "This functionality is not documented anywhere, and can only be disabled through the hidden expert settings dialog," the Austrian experts warn.
Barracuda devices configured to listen for SSH connections accept, through the backdoor, the word "product" as the login and an empty string as the password. After entering these credentials, a potential intruder gains access to the internal MySQL database. It is also reported that the backdoor works only from a narrow range of IP addresses, and that these addresses do not belong to the manufacturer's range.
However, if an attacker connects to the device from one of the specified IP addresses, or fakes one, he can also obtain full SSH access. Barracuda Networks itself confirmed the problem, saying that in this case unprivileged access to the company's devices is possible from a number of IP addresses. According to the company, the problem is the result of an error in the default configuration.