Barracuda fixes MitM Holes

Monday, May 4, 2015 @ 10:05 AM gHale

Barracuda Networks patched critical flaws in the firmware of its Web Filter appliances, which could allow an attacker to execute a man-in-the-middle (MitM) attack without the client knowing it.

One vulnerability (CVE-2015-0961) results in the solution not checking upstream certificate validity when performing SSL inspection, and affects firmware prior to version

Router Software has Bug Issue
Misconfigured DNS Servers Vulnerable
Brute Force Attacks: Trawling for Passwords
Botnet Morph ‘Every Few Hours’

The other (CVE-2015-0962) makes the firmware use one of three different default certificates for multiple machines instead of a unique default root CA certificate for each unit. This flaw is in firmware versions 7.0 through 8.1.003.

The vulnerabilities ended up discovered after the CERT division at Carnegie Mellon University tested application for SSL implementation flaws. The company conducted its own audit of the Barracuda Web Filter, and found the flaws.

“We recommend installing version on your Barracuda Web Filter as soon as it is available, and that you not use the SSL inspection capabilities without upgrading to this firmware version,” they said.

For more information, you can also check CERT’s advisory.

Leave a Reply

You must be logged in to post a comment.