Full Disclosure mailing list archives

Re: Barracuda Networks Spam & Virus Firewall <= 4.1.1.021 Remote Configuration Retrieval
From: Eric Romang <zatazpowa () gmail com>
Date: Sun, 10 Oct 2010 12:50:51 +0200

Hello,

Just extend this vulnerability to all Barracuda products.

I confirm it for:

Barracuda Link Balancer 230
Barracuda Link Balancer 430
Barracuda Link Balancer 330
Barracuda Link Balancer 340
Barracuda Web Filter 310
Barracuda Web Filter 410
Barracuda Spam Firewall 300
etc.

Regards

On 8 Oct 2010 at 10:54, corpus.defero wrote:

I can't take the credit for this:

http://www.exploit-db.com/exploits/15130/

The Barracuda Spam & Virus Firewall is a hardware device designed to
filter out spam from email. Basically a Linux (Mandrake) device running
Postfix, SpamAssassin, ClamAV, Apache and Amavis-new. Configuration of
the unit is by way of a GUI (Apache-derived local website) listening on
port 8000. If the owner has this open to the outside world the unit is
seriously at risk of remote exploit. If not, the exploit is usable
locally only.

The exploit will allow the entire configuration to be viewed in plain
text with no encryption. Potentially this is huge as the database
contains usernames/passwords/back-end server details/LDAP & Active
Directory credentials to name but a few. Because it contains a number of
MTAs it can be used as an SMTP proxy to send spam with one simple
config change (which I won't detail). Given the purpose of the unit, this is
somewhat ironic.

This may have been fixed in newer firmware, but there are a ton of
these units out there without the ability to update because of lapsed
subscriptions and Barracuda's unwillingness to allow second-hand units
to be upgraded.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/