[j-nsp] juniper hack news
Hugo Slabbert
hugo at slabnet.com
Sat Dec 26 16:16:27 EST 2015
On Sat 2015-Dec-26 07:58:47 -0800, Chris Cappuccio <chris at nmedia.net>
wrote:
>Hugo Slabbert [hugo at slabnet.com] wrote:
>> >Does this affect any other juniper gear ?
>>
>> Not as of this moment, no. It's limited to ScreenOS.
>>
>
>Sorry, this is false. It's clear in the documentation that
>JunOS was targeted as well.
Not by any means to discourage people from doing their own due diligence
and vetting for themselves whether their gear is affected, but either you
or I are reading different sources, or the holidays are affecting my
reading comprehension even more than I thought...
http://forums.juniper.net/t5/Security-Incident-Response/Important-Announcement-about-ScreenOS/ba-p/285554
> Q: What devices do these issues impact?
>
> Administrative access (CVE-2015-7755) only affects devices running ScreenOS
> 6.3.0r17 through 6.3.0r20.
>
> VPN Decryption (CVE-2015-7756) only affects devices running ScreenOS
> 6.2.0r15 through 6.2.0r18 and 6.3.0r12 through 6.3.0r20.
>
> We strongly recommend that all customers update their systems and apply the
> patched releases with the highest priority
>
>
> Q: Is the SRX or any other Junos®-based system affected by these issues?
>
> These vulnerabilities are specific to ScreenOS. We have no evidence that
> the SRX or other devices running Junos are impacted at this time.
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10713&cat=SIRT_1&actp=LIST&smlogin=true
> Administrative Access (CVE-2015-7755) allows unauthorized remote
> administrative access to the device. Exploitation of this vulnerability
> can lead to complete compromise of the affected device.
>
> This issue only affects ScreenOS 6.3.0r17 through 6.3.0r20. No other
> Juniper products or versions of ScreenOS are affected by this issue.
...
> VPN Decryption (CVE-2015-7756) may allow a knowledgeable attacker who can
> monitor VPN traffic to decrypt that traffic. It is independent of the
> first issue.
>
> This issue affects ScreenOS 6.2.0r15 through 6.2.0r18 and 6.3.0r12 through
> 6.3.0r20. No other Juniper products or versions of ScreenOS are affected by
> this issue.
https://adamcaudill.com/2015/12/17/much-ado-about-juniper/
> This morning, Juniper Networks announced an out-of-cycle update for their
> ScreenOS firewall operating system (not the newer Junos[1]) to patch two
> unrelated issues (both identified as CVE-2015-7755):
Am I missing something that indicates this is known to affect Junos as
well?
--
Hugo
hugo at slabnet.com: email, xmpp/jabber
PGP fingerprint (B178313E):
CF18 15FA 9FE4 0CD1 2319 1D77 9AB1 0FFD B178 313E
(also on textsecure & redphone)
[1] https://twitter.com/llorenzin/status/677663294132457472
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <https://puck.nether.net/pipermail/juniper-nsp/attachments/20151226/443d55f4/attachment.sig>
More information about the juniper-nsp
mailing list