firewall BarracudaSpam Filter Beset by Major Flaw - FIGHTERtools

BarracudaSpam Filter Beset by Major Flaw

A lack of input sanitization in the Linux-based Barracuda spam firewall Web interface, combined with privilege elevation techniques, can allow a full system compromise by unauthenticated users.


"This is a major vulnerability: exposed and unpatched systems can be fully and simply accessed by any attacker," Matthew Hall, a security engineer for the Internet Defence Incident Response Team at UK-based ECSC Ltd. "As a key security device, this represents a highly significant problem."


Hall says his team has been responding to the incident on behalf of a client who uses Barracuda. "We are now aware the latest firmware version provides some degree of protection," says Hall.


According to the advisory, using this vulnerability, it is possible to leverage further privileges, as the http daemon is granted root level access to several system commands. Access to some commands allowed further privilege escalation by setting the 'suid' bit on several othe...

ยป Application Development Trade - Shawna McAlearney - 07-08-2006

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Press Releases - IT Security News

Go back to previous page
Next

Products

SPAMfighter
SLOW-PCfighter
FULL-DISKfighter
DRIVERfighter
PASSWORDfighter
VIRUSfighter
SPYWAREfighter
Anti spam / Anti virus server solutions

About

Company
Contact us
Press room
Support
Blog
Sign up for newsletters

Partnerships

Become a partner
Become a reseller
Find a reseller
Become an affiliate
White Label Software

Social media

Facebook
Twitter
Youtube
LinkedIn
Google+
© SPAMfighter 2003-2013    All rights reserved.    Privacy Statement    Sitemap