SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Device (Firewall)  >   Barracuda Web Application Firewall Vendors:   Barracuda Networks
Barracuda Web Application Firewall SSH Backdoor Lets Remote Users Access the System
SecurityTracker Alert ID:  1028037
SecurityTracker URL:  http://securitytracker.com/id/1028037
CVE Reference:   GENERIC-MAP-NOMATCH   (Links to External Site)
Date:  Jan 24 2013
Impact:   User access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  Exploit Included:  Yes  
Version(s): prior to Security Definition 2.0.5
Description:   A vulnerability was reported in Barracuda Web Application Firewall. A remote user can gain access to the target system.

The system includes several undocumented SSH user accounts that cannot be disabled and can be accessed from certain whitelisted IP ranges. At least one account can be exploited to gain shell access on the target device.

The SSH user account names are:

root
build
shutdown
product
ca
support
websupport
qa_test

The following IP ranges are whitelisted:

192.168.200.0/24
192.168.10.0/24
205.158.110.0/24
216.129.105.0/24

The vendor was notified on Nov 29, 2012.

The original advisory is available at:

https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20130124-0_Barracuda_Appliances_Backdoor_wo_poc_v10.txt

S. Viehbock of SEC Consult reported this vulnerability.

Impact:   A remote user can gain access to the target system.
Solution:   The vendor has issued a fix (Security Definition 2.0.5).

The fix retains several user accounts for support purposes. The vendor reportedly offers a special option (via customer support) that disables the SSH daemon.

The vendor's advisory is available at:

https://www.barracudanetworks.com/support/techalerts#40

Vendor URL:  www.barracudanetworks.com/support/techalerts#40 (Links to External Site)
Cause:   Configuration error

Message History:   None.


 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2021, SecurityGlobal.net LLC