[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-disclosure] SEC Consult SA-20130124-0 :: Critical SSH Backdoor in multiple Barracuda Networks Products
- To: SEC Consult Vulnerability Lab <research@xxxxxxxxxxxxxxx>
- Subject: Re: [Full-disclosure] SEC Consult SA-20130124-0 :: Critical SSH Backdoor in multiple Barracuda Networks Products
- From: Luca Carettoni <luca.carettoni@xxxxxxxxxxxx>
- Date: Fri, 25 Jan 2013 02:30:42 -0800
Not really a new story. Still, it's good it's back.
You may find this interesting
http://blog.nibblesec.org/2013/01/how-to-patch-your-barracuda-virtual.html
Cheers,
Luca
On Thu, 2013-01-24 at 13:00 +0100, SEC Consult Vulnerability Lab wrote:
> SEC Consult Vulnerability Lab Security Advisory < 20130124-0 >
> =======================================================================
> title: Critical SSH Backdoor in multiple Barracuda Networks
> Products
> vulnerable products: Barracuda Spam and Virus Firewall
> Barracuda Web Filter
> Barracuda Message Archiver
> Barracuda Web Application Firewall
> Barracuda Link Balancer
> Barracuda Load Balancer
> Barracuda SSL VPN
> (all including their respective virtual "Vx" versions)
> vulnerable version: all versions < Security Definition 2.0.5
> fixed version: Security Definition 2.0.5
> impact: Critical
> homepage: https://www.barracudanetworks.com/
> found: 2012-11-20
> by: S. Viehböck
> SEC Consult Vulnerability Lab
> https://www.sec-consult.com
> =======================================================================
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/