![]() Given the severity of this issue, we decided to investigate. A quick Shodan search identified approximately 26,000 internet-facing Netscreen devices with SSH open. Shortly after Juniper posted the advisory, an employee of Fox-IT stated that they were able to identify the backdoor password in six hours. This advisory covered two distinct issues a backdoor in the VPN implementation that allows a passive eavesdropper to decrypt traffic and a second backdoor that allows an attacker to bypass authentication in the SSH and Telnet daemons. On December 18th, 2015 Juniper issued an advisory indicating that they had discovered unauthorized code in the ScreenOS software that powers their Netscreen firewalls.
0 Comments
Leave a Reply. |