Information Security News
mailing list archives
Bugs Found In Baked-In Barracuda Backdoors
From: InfoSec News <alerts () infosecnews org>
Date: Fri, 25 Jan 2013 04:07:10 -0600 (CST)
By Kelly Jackson Higgins
Jan 24, 2013
An Austrian researcher discovered flaws in deliberate backdoors built into
Barracuda Networks' Web Filter, Message Archiver, Web Application Firewall,
Link Balancer, and SSL VPN products. The security vendor today patched the
bugs, but left the option up to its customers whether to disable the conduit to
Steve Powell, vice president of product management at Barracuda, says the
special "tunnel" option in the products is for back-end support with the
"When customers request access to the system, they use the Remote Support
Tunnel capability. They call us up, and we can bring up their screens ... with
them," Powell says. "They open a remote support capability to do that."
But Sec Consult found the backdoors and vulnerabilities in them as well as
authentication bypass flaws in Barracuda's products.
Visit the InfoSec News Security Bookstore
Best Selling Security Books and More!
- Bugs Found In Baked-In Barracuda Backdoors InfoSec News (Jan 25)