Home page logo
/

isn logo Information Security News mailing list archives

Bugs Found In Baked-In Barracuda Backdoors
From: InfoSec News <alerts () infosecnews org>
Date: Fri, 25 Jan 2013 04:07:10 -0600 (CST)

http://www.darkreading.com/insider-threat/167801100/security/perimeter-security/240146954/bugs-found-in-baked-in-barracuda-backdoors.html

By Kelly Jackson Higgins
Dark Reading
Jan 24, 2013

An Austrian researcher discovered flaws in deliberate backdoors built into Barracuda Networks' Web Filter, Message Archiver, Web Application Firewall, Link Balancer, and SSL VPN products. The security vendor today patched the bugs, but left the option up to its customers whether to disable the conduit to their devices.

Steve Powell, vice president of product management at Barracuda, says the special "tunnel" option in the products is for back-end support with the vendor.

"When customers request access to the system, they use the Remote Support Tunnel capability. They call us up, and we can bring up their screens ... with them," Powell says. "They open a remote support capability to do that."

But Sec Consult found the backdoors and vulnerabilities in them as well as authentication bypass flaws in Barracuda's products.

[...]


______________________________________________
Visit the InfoSec News Security Bookstore
Best Selling Security Books and More!
http://www.shopinfosecnews.org

  By Date           By Thread  

Current thread:
  • Bugs Found In Baked-In Barracuda Backdoors InfoSec News (Jan 25)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault