[prev in list] [next in list] [prev in thread] [next in thread] 

List:       full-disclosure
Subject:    Re: [Full-disclosure] SEC Consult SA-20130124-0 :: Critical SSH Backdoor in multiple Barracuda Netwo
From:       Luca Carettoni <luca.carettoni () ikkisoft ! com>
Date:       2013-01-25 10:30:42
Message-ID: 1359109842.2986.7.camel () muller
[Download RAW message or body]

Not really a new story. Still, it's good it's back.

You may find this interesting
http://blog.nibblesec.org/2013/01/how-to-patch-your-barracuda-virtual.html

Cheers,
Luca


On Thu, 2013-01-24 at 13:00 +0100, SEC Consult Vulnerability Lab wrote:
> SEC Consult Vulnerability Lab Security Advisory < 20130124-0 >
> =======================================================================
>               title: Critical SSH Backdoor in multiple Barracuda Networks
>                      Products
> vulnerable products: Barracuda Spam and Virus Firewall
>                      Barracuda Web Filter
>                      Barracuda Message Archiver
>                      Barracuda Web Application Firewall
>                      Barracuda Link Balancer
>                      Barracuda Load Balancer
>                      Barracuda SSL VPN
>                      (all including their respective virtual "Vx" versions)
>  vulnerable version: all versions < Security Definition 2.0.5
>       fixed version: Security Definition 2.0.5
>              impact: Critical
>            homepage: https://www.barracudanetworks.com/
>               found: 2012-11-20
>                  by: S. Viehböck
>                      SEC Consult Vulnerability Lab
>                      https://www.sec-consult.com
> =======================================================================


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
[prev in list] [next in list] [prev in thread] [next in thread]