CVE-2015-0961 Information

Description

Barracuda Web Filter before 8.1.0.005 when SSL Inspection is enabled does not verify X.509 certificates from upstream SSL servers which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

Reference

http://www.kb.cert.org/vuls/id/534407 https://blog.barracuda.com/2015/04/28/barracuda-delivers-updated-ssl-inspection-feature/ https://techlib.barracuda.com/BWF/UpdateSSLCerts https://www.barracuda.com/support/techalerts