SSH ExploitCritical SSH Exploit in Barracuda

Appliances, and What You Can Do To Fix It.

Systems Effected

• Barracuda Spam and Virus Firewall

• Barracuda Web Filter

• Barracuda Message Archiver

• Barracuda Web Application Firewall

• Barracuda Link Balancer

• Barracuda Load Balancer

• Barracuda SSL VPN

• ALL VERSIONS

Issue

• Eight default accounts exist

• Used for diagnose by Barracuda on an

appliance

• They cannot be disabled

• Passwords cannot be changed

Exploits

• Account passwords can be broken with

dictionary attack

• The product account can used to create

new users with administrative privileges

• Root access can be obtained

Fix

• Barracuda currently working on patch

• Until then, make sure to load security

definition 2.0.5 (It’s possible the root

account could still be cracked)

• Prevents unauthorized users from SSH to

appliance

Need Help?

• We can help get you up to date

• Visit us at

http://www.gti1.com/about-us/contact-us/

• Join our upcoming webinar (URL below)

to see how we can help with DLP / Email