Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

barracudeHardcode.txt

🗓️ 17 Aug 2006 00:00:00Reported by Greg SinclairType 
packetstorm
 packetstorm🔗 packetstormsecurity.com👁 22 Views

Barracuda Hardcoded Password Vulnerability - High Severit

Code
`Title: Barracuda Hardcoded Password Vulnerability  
Severity: High (Sensitive Information Disclosure)  
Date: 01 August 2006  
Version Affected: Barracuda Spam Firewall version 3.3.01.001 to 3.3.03.053  
Discovered by: Greg Sinclair ([email protected])  
Discovered on: 28 May 2006  
  
Overview:  
Barracuda Spam Firewalls (www.barracudanetworks.com) are vulnerable to  
information disclosure which is made possible by a default guest password  
  
Details:  
The Barracuda Spam Firewalls from version 3.3.01.001 to 3.3.02.053 have a hardcoded password for the "guest" account in the Login.pm script. This script is called to validate any user who attempts to login to the barracuda's web interface (typically at http://<deviceIP>:8080 or  
https://<deviceIP>). While the guest account has limited access, the following information can be obtained:  
  
* system configuration including IP accesses, admin IP ACLs  
* email message logs (but not the content of the messages)  
* version information of both spam/antivirus definitions and system firmware version  
  
Used in conjunction with the vulnerability "Barracuda Arbitrary File  
Disclosure" (NNL-20060801-02), the integrity of the system can be compromised. An attacker can use both vulnerabilities to download both  
confidential emails as well as the configuration information (including the admin password).  
  
Additionally, while some accounts such as "admin" are bound by user definable IP ACLs, the guest account is not. This means that sensitive  
information can be disclosed to ANY IP address regardless of the user defined network restrictions.  
  
Proof of Concept:  
Enter the username "guest" into the login page of any open barracuda and the password "bnadmin99"   
  
Recommendations:  
* Never allow your barracuda web interface to be accessible from untrusted networks (especially the Internet)  
  
* Upgrade to version 3.3.0.54 or later  
  
  
Vendor Contact:  
29 May 2006 - Initial Vendor Contact  
24 June 2006 - Vendor replies with prospect of fix  
17 July 2006 - NNL request status update, no reply  
01 Aug 2006 - NNL releases vuln report, notifies vendor of release  
`

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
17 Aug 2006 00:00Current
7.4High risk
Vulners AI Score7.4
barracuda spam firewallhardcoded passwordinformation disclosureguest accountsystem configurationemail logsvulnerabilityarbitrary file disclosuredefault guest passwordversion 3.3.01.001 to 3.3.03.053greg sinclairvendor contact
22