nanog mailing list archives

Re: [CVE-2015-7755] Backdoor in Juniper/ScreenOS

From: Stephane Bortzmeyer <bortzmeyer () nic fr>
Date: Mon, 21 Dec 2015 09:31:37 +0100

On Fri, Dec 18, 2015 at 09:28:11AM +0100,
 Stephane Bortzmeyer <bortzmeyer () nic fr> wrote 
 a message of 6 lines which said:

http://forums.juniper.net/t5/Security-Incident-Response/Important-Announcement-about-ScreenOS/ba-p/285554


The password for the first backdoor (the one regarding telnet/SSH
access) has been published recently:

https://community.rapid7.com/community/infosec/blog/2015/12/20/cve-2015-7755-juniper-screenos-authentication-backdoor

Shodan finds 26000 ScreenOS machines reachable from the Internet. It
will be a small botnet :-)

Current thread:

[CVE-2015-7755] Backdoor in Juniper/ScreenOS Stephane Bortzmeyer (Dec 18)
- Re: [CVE-2015-7755] Backdoor in Juniper/ScreenOS Karsten Thomann (Dec 18)
  - Re: [CVE-2015-7755] Backdoor in Juniper/ScreenOS Dave Taht (Dec 18)
    - Re: [CVE-2015-7755] Backdoor in Juniper/ScreenOS Steven M. Bellovin (Dec 18)
    - Re: [CVE-2015-7755] Backdoor in Juniper/ScreenOS Steven M. Bellovin (Dec 18)
    - Re: [CVE-2015-7755] Backdoor in Juniper/ScreenOS Royce Williams (Dec 18)
    - Re: [CVE-2015-7755] Backdoor in Juniper/ScreenOS Steven M. Bellovin (Dec 18)
  - Re: [CVE-2015-7755] Backdoor in Juniper/ScreenOS A . L . M . Buxey (Dec 18)
- Re: [CVE-2015-7755] Backdoor in Juniper/ScreenOS Stephane Bortzmeyer (Dec 21)
- Re: [CVE-2015-7755] Backdoor in Juniper/ScreenOS Doug Barton (Dec 21)