We use cookies on our website to ensure we provide you with the best experience on our website. By using our website, you agree to the use of cookies for analytics and personalized content.This website uses cookies. More Information
It seems like your browser didn't download the required fonts. Please revise your security settings and try again.

How is my Email Security Gateway affected by vulnerabilities in the Sender Policy Framework?

  • Type: Knowledgebase
  • Date changed: 10 months ago
Solution #00003698

Scope:
This solution applies to all Email Security Gateways, all firmware versions.

Answer:
Barracuda units do not rely upon or use libspf2; as a result Barracuda appliances are immune to this vulnerability and are unaffected. The following is for informational purposes only.

A vulnerability has recently been discovered in the libspf2 software library, which allows the execution of malicious code via the creation of a special record in the Domain Name System (DNS). Because firewalls and intrusion detection and prevention systems do not typically examine DNS records, DNS is a particularly vulnerable point of attack for hackers.

Networks hosting email servers located in the "De-militarized zone" (DMZ) are particularly vulnerable, as such servers will be publicly accessible while at the same time possessing access to the internal network. Therefore, exploitation of this vulnerability may allow an attacker to bypass security measures and gain access to internal network resources.

You should check your mail servers and any other commercial spam filtering solutions you may use to ensure that you have upgraded to the latest libspf2 version (1.2.8) in order to resolve this vulnerability.

Link to This Page:
https://campus.barracuda.com/solution/50160000000HTK1AAO