[AusNOG] Juniper ScreenOS backdoor
Jonathan Thorpe
jthorpe at Conexim.com.au
Fri Dec 18 12:51:45 EST 2015
Hi All,
If anyone has any ScreenOS gear still running, you might want to have a look at this:
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10713
It doesn't say as much, but US-CERT seem to indicate that this is effectively backdoor code:
https://www.us-cert.gov/ncas/current-activity/2015/12/17/Juniper-Releases-Out-band-Security-Advisory-ScreenOS
"Juniper has discovered unauthorized code in ScreenOS which could allow an attacker to take control of NetScreen devices and to decrypt VPN connections."
Not cool.
Kind Regards,
Jonathan
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20151218/f7a7ad66/attachment.html>
More information about the AusNOG
mailing list