Barracuda fixes critical MITM flaws in its Web Filter

Barracuda Networks has issued a security update that patches critical flaws in the firmware of its Web Filter appliances, which could lead to an attacker successfully performing a man-in-the-middle (MITM) attack without the client knowing it.

One vulnerability (CVE-2015-0961) results in the solution not checking upstream certificate validity when performing SSL inspection, and affects firmare prior to version 8.1.0.005.

The other (CVE-2015-0962) makes the firmware use one of three different default certificates for multiple machines instead of a unique default root CA certificate for each unit. This flaw is found in firmware versions 7.0 through 8.1.003.

The vulnerabilities were discovered after the CERT division at Carnegie Mellon University tested a considerable number of application for SSL implementation flaws. The company conducted its own audit of the Barracuda Web Filter, and found the flaws.

“We recommend installing version 8.1.0.005 on your Barracuda Web Filter as soon as it is available, and that you not use the SSL inspection capabilities without upgrading to this firmware version,” they noted.

For more information, you can also check CERT’s advisory.