1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Juniper updates list of backdoored enterprise firewall OS versions

Discussion in 'Network World' started by RSS, Dec 21, 2015.

  1. RSS

    RSS New Member Member

    Juniper revised the list of ScreenOS versions that contain a backdoor allowing attackers to bypass authentication and gain administrative access to NetScreen enterprise firewall devices.

    The networking equipment manufacturer announced last week that it found, during an internal audit, two instances where rogue code was added to its ScreenOS operating system without authorization. The code could be used by attackers to gain privileged access to NetScreen firewall devices and to decrypt VPN connections.

    The company said at the time that ScreenOS versions 6.2.0r15 through 6.2.0r18 and 6.3.0r12 through 6.3.0r20 were vulnerable, but an analysis by researchers from security firm Rapid7 revealed that not all listed versions are vulnerable to both issues.

    To read this article in full or to leave a comment, please click here

    Continue reading...
     

Share This Page