{"vuid":"VU#199348","idnumber":"199348","name":"Barracuda Spam Firewall contains hardcoded default login credentials","keywords":["Barracuda Spam Firewall","information disclosure","hardcoded password","guest account","Login.pm script"],"overview":"Barracuda Spam Firewalls from version 3.3.01.001 to 3.3.02.053 have default login credentials that cannot be modified by an administrator.","clean_desc":"Barracuda Spam Firewall appliances provide ingress and egress spam filtering for local area networks. An administrator will typically log into the device by supplying credentials to a secure web interface. Barracuda Spam Firewalls version 3.3.01.001 to 3.3.02.053 have a guest account with a fixed username and password. This account can log in to the web interface and cannot be restricted by the system's built-in access control lists.","impact":"A remote, unauthenticated attacker can view system configuration files or other sensitive data.","resolution":"Upgrade\nBarracuda has published updates that address this issue. Refer to the systems affected portion of this document for more details.","workarounds":"Restrict Access\nDo not allow access to the web interface of the Barracuda Spam Firewall from untrusted networks.\nBlock Access to the Web Interface\nBlocking access to ports 443/tcp and 8080/tcp will prevent any user from logging into the web interface, but will not interfere with the spam filtering functions of the firewall.","sysaffected":"","thanks":"Thanks to Greg Sinclair for reporting this vulnerability.","author":"This document was written by Ryan Giobbi.","public":["http://secunia.com/advisories/21258/","http://www.barracudanetworks.com/ns/products/spam_overview.php"],"cveids":["CVE-2006-4082"],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2006-08-04T15:27:09Z","publicdate":"2006-08-01T00:00:00Z","datefirstpublished":"2006-08-24T14:41:56Z","dateupdated":"2006-08-29T18:30:34Z","revision":31,"vrda_d1_directreport":"0","vrda_d1_population":"2","vrda_d1_impact":"3","cam_widelyknown":"15","cam_exploitation":"0","cam_internetinfrastructure":"4","cam_population":"3","cam_impact":"6","cam_easeofexploitation":"20","cam_attackeraccessrequired":"20","cam_scorecurrent":"2.565","cam_scorecurrentwidelyknown":"3.24","cam_scorecurrentwidelyknownexploited":"5.94","ipprotocol":"tcp","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":2.565,"vulnote":null}