Date: Sun, 10 Oct 2010 12:52:23 +0200
From: "advisories@...az.com" <advisories@...az.com>
To: corpus.defero@...et.com
Cc: full-disclosure <full-disclosure@...ts.grok.org.uk>
Subject: Re: Barracuda Networks Spam & Virus Firewall <= 4.1.1.021 Remote Configuration Retrieval

Hello,

Just extend this vulnerability to all Barracuda products.

I confirm it for:

Barracuda Link Balancer 230
Barracuda Link Balancer 430
Barracuda Link Balancer 330
Barracuda Link Balancer 340
Barracuda Web Filter 310
Barracuda Web Filter 410
Barracuda Spam Firewall 300
etc.

Regards

On 8 Oct 2010 at 10:54, corpus.defero wrote:

> I can't take the credit for this:
> 
> http://www.exploit-db.com/exploits/15130/
> 
> The Barracuda Spam & Virus Firewall is a hardware device designed to
> filter out spam from email. It is basically a Linux (Mandrake) device running
> Postfix, Spamassassin, Clam-AV, Apache and AmavisNew. Configuration of
> the unit is by way of a GUI (Apache derived local website) listening on
> port 8000. If the owner has this open to the outside world the unit is
> seriously at risk of remote exploit. If not, the exploit is usable
> locally only.
> 
> The exploit will allow the entire configuration to be viewed in plain
> text with no encryption. Potentially this is huge as the database
> contains usernames/passwords/back end server details/LDAP & Active
> Directory credentials to name but a few. Because it contains a number of
> MTAs it can be used as an SMTP proxy to send spam with one simple
> config change (which I won't detail). Given the purpose of the unit, this is
> somewhat ironic.
> 
> This may have been fixed in newer firmwares, but there are a ton of
> these units out there without the ability to update because of lapsed
> subscriptions and Barracuda's unwillingness to allow second hand units
> to be upgraded.
> 
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
