[186516] in North American Network Operators' Group


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: [CVE-2015-7755] Backdoor in Juniper/ScreenOS

daemon@ATHENA.MIT.EDU (Stephane Bortzmeyer)
Mon Dec 21 03:32:11 2015

X-Original-To: nanog@nanog.org
Date: Mon, 21 Dec 2015 09:31:37 +0100
From: Stephane Bortzmeyer <bortzmeyer@nic.fr>
To: nanog@nanog.org
In-Reply-To: <20151218082811.GA13639@nic.fr>
Errors-To: nanog-bounces@nanog.org

On Fri, Dec 18, 2015 at 09:28:11AM +0100,
 Stephane Bortzmeyer <bortzmeyer@nic.fr> wrote 
 a message of 6 lines which said:

> http://forums.juniper.net/t5/Security-Incident-Response/Important-Announcement-about-ScreenOS/ba-p/285554

The password for the first backdoor (the one regarding telnet/SSH
access) has been published recently:

https://community.rapid7.com/community/infosec/blog/2015/12/20/cve-2015-7755-juniper-screenos-authentication-backdoor

Shodan finds 26000 ScreenOS machines reachable from the Internet. It
will be a small botnet :-)


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[186516] in North American Network Operators' Group

Re: [CVE-2015-7755] Backdoor in Juniper/ScreenOS

daemon@ATHENA.MIT.EDU (Stephane Bortzmeyer)Mon Dec 21 03:32:11 2015

daemon@ATHENA.MIT.EDU (Stephane Bortzmeyer)
Mon Dec 21 03:32:11 2015