| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 08 Oct 2010 09:54:29 +0100 From: "corpus.defero" <corpus.defero@...et.com> To: full-disclosure <full-disclosure@...ts.grok.org.uk> Subject: Barracuda Networks Spam & Virus Firewall <= 4.1.1.021 Remote Configuration Retrieval I can't take the credit for this: http://www.exploit-db.com/exploits/15130/ The Barracuda Spam & Virus Firewall is a hardware device designed to filter out spam from email. Basically a Linux (Mandrake) device running Postfix, Spamassassin, Clam-AV, Apache and AmavisNew. Configuration of the unit is by way of a GUI (Apache derived local website) listening on port 8000. If the owner has this open to the outside world the unit is seriously at risk to remote exploit. If not the exploit is usable locally only. The exploit will allow the entire configuration to be viewed in plain text with no encryption. Potentially this is huge as the database contains usernames/passwords/back end server details/ldap & active directory credentials to name but a few. Because it contains a number of MTA's it can be used as an SMTP proxy to send spam with one simple config change (which I won't detail). Given the purpose of the unit, is somewhat ironic. This may have been fixed in newer firmwares, but there are a ton of these units out there without the ability to update because of lapsed subscriptions and Barracuda's unwillingness to allow second hand units to be upgraded. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists