[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[CVE-2015-7755] Backdoor in Juniper/ScreenOS

Subject: [CVE-2015-7755] Backdoor in Juniper/ScreenOS
From: smb at cs.columbia.edu (Steven M. Bellovin)
Date: Fri, 18 Dec 2015 11:52:42 -0500
In-reply-to: <CAA93jw541rK_etQa=4qsXYzCdAuw3+KFtidYdSCL-M9kXxEiMQ@mail.gmail.com>
References: <[email protected]> <2790549.8LFx1ecJs8@linne> <CAA93jw541rK_etQa=4qsXYzCdAuw3+KFtidYdSCL-M9kXxEiMQ@mail.gmail.com>

On 18 Dec 2015, at 7:28, Dave Taht wrote:

> I think "unauthorized code" is still plausible newspeak for "bug".
>
> Why blame finger foo when you can blame terrorists?

It looks like two different holes, one a back door for unauthorized
console login and one to somehow leak VPN encryption keys.  There are
hints that that latter involved tinkering with certain constants in
the crypto (https://twitter.com/matthew_d_green/status/677871004354371584);
that would squarely point the finger at some government's intelligence
agency.

I don't know who did it, but neither 'bug' nor 'developer debugging
code' sounds plausible here.

Follow-Ups:
- [CVE-2015-7755] Backdoor in Juniper/ScreenOS
  - From: smb at cs.columbia.edu (Steven M. Bellovin)

References:
- [CVE-2015-7755] Backdoor in Juniper/ScreenOS
  - From: bortzmeyer at nic.fr (Stephane Bortzmeyer)
- [CVE-2015-7755] Backdoor in Juniper/ScreenOS
  - From: karsten_thomann at linfre.de (Karsten Thomann)
- [CVE-2015-7755] Backdoor in Juniper/ScreenOS
  - From: dave.taht at gmail.com (Dave Taht)

Prev by Date: Nat
Next by Date: [CVE-2015-7755] Backdoor in Juniper/ScreenOS
Previous by thread: [CVE-2015-7755] Backdoor in Juniper/ScreenOS
Next by thread: [CVE-2015-7755] Backdoor in Juniper/ScreenOS
Index(es):
- Date
- Thread