[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[CVE-2015-7755] Backdoor in Juniper/ScreenOS

Subject: [CVE-2015-7755] Backdoor in Juniper/ScreenOS
From: bortzmeyer at nic.fr (Stephane Bortzmeyer)
Date: Mon, 21 Dec 2015 09:31:37 +0100
In-reply-to: <[email protected]>
References: <[email protected]>

On Fri, Dec 18, 2015 at 09:28:11AM +0100,
 Stephane Bortzmeyer <bortzmeyer at nic.fr> wrote 
 a message of 6 lines which said:

> http://forums.juniper.net/t5/Security-Incident-Response/Important-Announcement-about-ScreenOS/ba-p/285554

The password for the first backdoor (the one regarding telnet/SSH
access) has been published recently:

https://community.rapid7.com/community/infosec/blog/2015/12/20/cve-2015-7755-juniper-screenos-authentication-backdoor

Shodan finds 26000 ScreenOS machines reachable from the Internet. It
will be a small botnet :-)

References:
- [CVE-2015-7755] Backdoor in Juniper/ScreenOS
  - From: bortzmeyer at nic.fr (Stephane Bortzmeyer)

Prev by Date: Nat
Next by Date: Nat
Previous by thread: [CVE-2015-7755] Backdoor in Juniper/ScreenOS
Next by thread: [CVE-2015-7755] Backdoor in Juniper/ScreenOS
Index(es):
- Date
- Thread