Problem solve Get help with specific problems with your technologies, process and projects.

How to plan for and mitigate a Barracuda vulnerability

Learn how to lock down a back-door vulnerability on Barracuda security devices and prevent attackers from accessing management accounts.

I understand there recently was a Barracuda vulnerability in which the network devices had back doors that were vulnerable to attack. What do these back doors expose on the network, and what can we do to secure them?

Ask the Expert!

Have questions about enterprise security? Send them via email today! (All questions are anonymous.)

According to Barracuda Networks, the affected appliances were Barracuda Spam & Virus Firewall, Barracuda Web Filter, Barracuda Message Archiver, Barracuda SSL VPN, Barracuda Web Application Firewall version 7.6.4 and earlier, and CudaTel.

In a nutshell, Barracuda enabled remote management functionality on those devices as a way of providing support to customers. When a security administrator at Company X runs into problems with his or her device, the admin simply places a call to Barracuda's support desk, and the technician can access the device over the Internet. This is fairly standard practice in the world of IT, right? Microsoft, Cisco and all of the other big boys do business this way all of the time. However, security researchers discovered that attackers could potentially gain access to some of the preconfigured management accounts by bypassing the preconfigured access control lists, giving them full access to the device. What was most disturbing is that Barracuda specializes in firewalls, so one would think that the vendor would have a better handle on the importance of allowing undocumented administrator accounts in its products.

In response to this vulnerability, Barracuda released a series of security definitions that helped to lock down the vulnerable devices better. The company also issued an apology for hardcoding back-door access into its products. As a security best practice, Barracuda recommends that end users place their Barracuda network device behind another firewall that places heavy restrictions on who and what can access the management side of the affected devices, which is something that I wholeheartedly agree with.

This was last published in July 2013

Dig Deeper on Network device security: Appliances, firewalls and switches

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.