Juniper have just released a product security alert regarding their NetScreen / ScreenOS devices. During an audit, it was discovered that their source code was compromised and an unknown attacker planted a backdoor within the firewall code.
The backdoor permitted:

1. Unauthenticated remote administrative access over SSH or telnet.
2. IPSec VPN traffic decryption (possibly by leaking private keys to the attacker).

Detailed information can be found in JSA10713.

Am I vulnerable?

The ScreenOS firmware was compromised in August 2012. Only ScreenOS versions 6.2.0r15 to 6.2.0r18, and 6.3.0r12 to 6.3.0r20 are known to contain the backdoor. If you are running a version below these releases, from earlier than August 2012, then your network should be secure.

Juniper recommends that anyone using these firmware versions should upgrade immediately. Fixes are included in: 6.3.0r12b, 6.3.0r13b, 6.3.0r14b, 6.3.0r15b, 6.3.0r16b, 6.3.0r17b, 6.3.0r18b, 6.3.0r19b.

CVE-2015-7755 has been assigned for this issue.

This is a timely reminder to employ "defence in depth" techniques, such as installing layered firewalls from different vendors, to protect your internal assets in the event one is defeated.

Have a safe and relaxing holiday season,
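
To check a firewall inventory against the version ranges listed above, here is an added example (not from Juniper or the original post). It assumes each device reports a bare version string such as `6.3.0r17`; the hostnames, status labels and function names are made up for illustration.

```python
import re

# Version data exactly as listed in the post above.
AFFECTED = {(6, 2, 0): range(15, 19),   # 6.2.0r15 .. 6.2.0r18
            (6, 3, 0): range(12, 21)}   # 6.3.0r12 .. 6.3.0r20
FIXED = {f"6.3.0r{n}b" for n in range(12, 20)}  # 6.3.0r12b .. 6.3.0r19b

VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)r(\d+)([a-z]?)$")

def classify(version):
    """Return 'affected', 'fixed', 'verify', 'not_listed' or 'unparsed'."""
    m = VERSION_RE.match(version.strip().lower())
    if not m:
        return "unparsed"
    train = tuple(int(p) for p in m.group(1, 2, 3))
    release, suffix = int(m.group(4)), m.group(5)
    canonical = "{}.{}.{}r{}{}".format(*train, release, suffix)
    if canonical in FIXED:
        return "fixed"
    if release in AFFECTED.get(train, ()):
        # A suffixed build inside an affected range that the post does not
        # list as fixed cannot be cleared from this data: flag for review.
        return "verify" if suffix else "affected"
    return "not_listed"

def needs_action(inventory):
    """Hosts whose version is affected, unverifiable or unparseable."""
    return [(host, ver, classify(ver)) for host, ver in inventory
            if classify(ver) not in ("fixed", "not_listed")]

# Constructed sample inventory (hostnames are hypothetical).
SAMPLE = [
    ("fw-edge-01", "6.3.0r17"),
    ("fw-edge-02", "6.3.0r17b"),
    ("fw-branch-03", "6.2.0r18"),
    ("fw-branch-04", "6.2.0r14"),
    ("fw-lab-05", "6.3.0r20b"),
    ("fw-lab-06", "unknown"),
]

if __name__ == "__main__":
    for host, ver, status in needs_action(SAMPLE):
        print(f"{host}\t{ver}\t{status}")
```

A `not_listed` result only means the version is outside the ranges named in this post; confirm against JSA10713 before treating a device as cleared.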