Backdoors found in Barracuda Networks products

By

Apply updates now.

A researcher has found that several security appliances from Barracuda Networks come with multiple backdoor accounts, allowing for local and remote access to the devices.

Backdoors found in Barracuda Networks products

Stefan Viehböck of Austrian security research firm SEC Consult Unternehmensberatung GmbH discovered the security flaw.

The firm called it "critical" as the accounts are undocumented and can only be disabled through a hidden expert options dialog with the help of vendor support staff.

Furthermore, a secure shell (SSH) daemon runs on the appliances and allows access from servers operated by Barracuda Networks and other unaffiliated entities, Viehböck found.

The following Barracuda Networks products are said to be vulnerable:

  • Spam and Virus Firewall
  • Web Filter
  • Message Archiver
  • Web Application Firewall
  • Link Balancer
  • Load Balancer
  • SSL VPN
  • CudaTel

Barracuda Networks has acknowledged the flaw and issued a security alert, advising customers to update their Security Definitions to version 2.0.5 immediately.

The company said that "while this update drastically minimises potential attack vectors, our support department is available to answer any questions on fully disabling this functionality if support access is not desired." 

According to Viehböck, updating the security definitions does not remove the remote access via SSH vulnerability.

Viehböck said a possible workaround was firewalling the appliances to block incoming traffic on the local network as well as via the Internet destined for TCP port 22 which is used by SSH.

"In secure environments it is highly undesirable to use appliances with backdoors built into them. Even if only the manufacturer can access them," Viehböck concludes.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:
barracudainfosecnetworkingsecurity

Sponsored Whitepapers

Optus Enterprise Mobility
Optus Enterprise Mobility
Life After VMware: Scale Securely with mCloud by Micron21
Life After VMware: Scale Securely with mCloud by Micron21
Cut Cloud Costs Without Compromise: Discover mCloud by Micron21
Cut Cloud Costs Without Compromise: Discover mCloud by Micron21
What 4 wholesale distribution challenges aren’t going away anytime soon?
What 4 wholesale distribution challenges aren’t going away anytime soon?
State of the SOC: Building Resilience in a Shifting Threat Landscape
State of the SOC: Building Resilience in a Shifting Threat Landscape

Events

Most Read Articles

Sydney Zoo uses Microsoft Fabric to underpin data modernisation

Sydney Zoo uses Microsoft Fabric to underpin data modernisation
Service NSW centralises security, networking in mammoth CloudOps overhaul

Service NSW centralises security, networking in mammoth CloudOps overhaul
TfNSW's network services deal with Datacom hits $190m

TfNSW's network services deal with Datacom hits $190m
The Asus ZenWiFi Pro XT12 delivers fast, reliable wireless networking for SMBs

The Asus ZenWiFi Pro XT12 delivers fast, reliable wireless networking for SMBs
techpartner.news logo
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
"It's an exciting time to be part of the health and aged care sector"
"It's an exciting time to be part of the health and aged care sector"
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Orro claims Australia first with managed digital asset discovery service
Orro claims Australia first with managed digital asset discovery service

Log In

  |  Forgot your password?