nanog mailing list archives
Re: [CVE-2015-7755] Backdoor in Juniper/ScreenOS
From: Stephane Bortzmeyer <bortzmeyer () nic fr>
Date: Mon, 21 Dec 2015 09:31:37 +0100
On Fri, Dec 18, 2015 at 09:28:11AM +0100, Stephane Bortzmeyer <bortzmeyer () nic fr> wrote a message of 6 lines which said:
http://forums.juniper.net/t5/Security-Incident-Response/Important-Announcement-about-ScreenOS/ba-p/285554
The password for the first backdoor (the one regarding telnet/SSH access) has been published recently: https://community.rapid7.com/community/infosec/blog/2015/12/20/cve-2015-7755-juniper-screenos-authentication-backdoor Shodan finds 26000 ScreenOS machines reachable from the Internet. It will be a small botnet :-)
Current thread:
- [CVE-2015-7755] Backdoor in Juniper/ScreenOS Stephane Bortzmeyer (Dec 18)
- Re: [CVE-2015-7755] Backdoor in Juniper/ScreenOS Karsten Thomann (Dec 18)
- Re: [CVE-2015-7755] Backdoor in Juniper/ScreenOS Dave Taht (Dec 18)
- Re: [CVE-2015-7755] Backdoor in Juniper/ScreenOS Steven M. Bellovin (Dec 18)
- Re: [CVE-2015-7755] Backdoor in Juniper/ScreenOS Steven M. Bellovin (Dec 18)
- Re: [CVE-2015-7755] Backdoor in Juniper/ScreenOS Royce Williams (Dec 18)
- Re: [CVE-2015-7755] Backdoor in Juniper/ScreenOS Steven M. Bellovin (Dec 18)
- Re: [CVE-2015-7755] Backdoor in Juniper/ScreenOS Dave Taht (Dec 18)
- Re: [CVE-2015-7755] Backdoor in Juniper/ScreenOS Karsten Thomann (Dec 18)