224 matches found
Juniper Networks ScreenOS Authentication Bypass (CVE-2015-7755)
An authentication bypass vulnerability exists in Juniper Networks ScreenOS. The vulnerability is due to the presence of a default administrative account with a hard-coded password. A remote, unauthenticated attacker could exploit this vulnerability to gain administrative access to the target...
Backdoor Vulnerability in Juniper Networks ScreenOS (CNVD-2015-08307)
ScreenOS is an operating system developed by Juniper Networks that runs on the NetScreen family of firewall products. An unauthorized access vulnerability exists in Juniper Networks ScreenOS, which can be exploited by an attacker to remotely gain administrative access to the device via SSH or...
Juniper Networks(瞻博网络)未授权访问漏洞
Author: xiaohu & mt 知道创宇404安全实验室 Date: 2015-12-23 漏洞信息: Juniper 网络公司(瞻博网络)作为全球领先的联网和安全性解决方案供应商,Juniper 网络公司对依赖网络获得战略性收益的客户一直给予密切关注。公司的客户来自全球各行各业,包括主要的网络运营商、企业、政府机构以及研究和教育机构等。Juniper 网络公司推出的一系列联网解决方案,提供所需的安全性和性能来支持全球最大型、最复杂、要求最严格的关键网络。 Juniper 网络公司在上周发表声明,称 NetScreen 与 Juniper SSG 防火墙产品使用的操作系统...
Backdoor Vulnerability in Juniper Networks ScreenOS (CNVD-2015-08306)
ScreenOS is an operating system developed by Juniper Networks that runs on the NetScreen family of firewall products. An unauthorized code vulnerability exists in Juniper Networks ScreenOS, which could be exploited by an attacker to decrypt VPN traffic on a NetScreen device...
Backdoor in ScreenOS (Telnet)
ScreenOS is vulnerable to an unauthorized remote administrative access to the device over SSH or telnet. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...
Backdoor in ScreenOS (SSH)
ScreenOS is vulnerable to an unauthorized remote administrative access to the device over SSH or telnet. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...
Juniper ScreenOS 6.3.0r20 SSH ssh-pka SSH Negotiation RCE (JSA10712)
The remote host is running Juniper ScreenOS version 6.3.0r20. It is, therefore, affected by a remote code execution vulnerability due to improper handling of specially crafted SSH negotiations when ssh-pka is configured. An unauthenticated, remote attacker can exploit this to cause a denial of...
Juniper ScreenOS contains multiple vulnerabilities
Overview Juniper Networks ScreenOS versions 6.3.0r17 through 6.3.0r20 allows unauthorized remote administration access to the device. Juniper Networks ScreenOS versions 6.2.0r15 through 6.2.0r18 and 6.3.0r12 through 6.3.0r20 allow for an attacker to monitor and decrypt VPN traffic. Description...
CVE-2015-7756
The encryption implementation in Juniper ScreenOS 6.2.0r15 through 6.2.0r18, 6.3.0r12 before 6.3.0r12b, 6.3.0r13 before 6.3.0r13b, 6.3.0r14 before 6.3.0r14b, 6.3.0r15 before 6.3.0r15b, 6.3.0r16 before 6.3.0r16b, 6.3.0r17 before 6.3.0r17b, 6.3.0r18 before 6.3.0r18b, 6.3.0r19 before 6.3.0r19b, and...
CVE-2015-7755
Juniper ScreenOS 6.2.0r15 through 6.2.0r18, 6.3.0r12 before 6.3.0r12b, 6.3.0r13 before 6.3.0r13b, 6.3.0r14 before 6.3.0r14b, 6.3.0r15 before 6.3.0r15b, 6.3.0r16 before 6.3.0r16b, 6.3.0r17 before 6.3.0r17b, 6.3.0r18 before 6.3.0r18b, 6.3.0r19 before 6.3.0r19b, and 6.3.0r20 before 6.3.0r21 allows...
Design/Logic Flaw
The encryption implementation in Juniper ScreenOS 6.2.0r15 through 6.2.0r18, 6.3.0r12 before 6.3.0r12b, 6.3.0r13 before 6.3.0r13b, 6.3.0r14 before 6.3.0r14b, 6.3.0r15 before 6.3.0r15b, 6.3.0r16 before 6.3.0r16b, 6.3.0r17 before 6.3.0r17b, 6.3.0r18 before 6.3.0r18b, 6.3.0r19 before 6.3.0r19b, and...
Session fixation
Juniper ScreenOS 6.2.0r15 through 6.2.0r18, 6.3.0r12 before 6.3.0r12b, 6.3.0r13 before 6.3.0r13b, 6.3.0r14 before 6.3.0r14b, 6.3.0r15 before 6.3.0r15b, 6.3.0r16 before 6.3.0r16b, 6.3.0r17 before 6.3.0r17b, 6.3.0r18 before 6.3.0r18b, 6.3.0r19 before 6.3.0r19b, and 6.3.0r20 before 6.3.0r21 allows...
CVE-2015-7755
Juniper ScreenOS 6.2.0r15 through 6.2.0r18, 6.3.0r12 before 6.3.0r12b, 6.3.0r13 before 6.3.0r13b, 6.3.0r14 before 6.3.0r14b, 6.3.0r15 before 6.3.0r15b, 6.3.0r16 before 6.3.0r16b, 6.3.0r17 before 6.3.0r17b, 6.3.0r18 before 6.3.0r18b, 6.3.0r19 before 6.3.0r19b, and 6.3.0r20 before 6.3.0r21 allows...
CVE-2015-7755
Juniper ScreenOS 6.2.0r15 through 6.2.0r18, 6.3.0r12 before 6.3.0r12b, 6.3.0r13 before 6.3.0r13b, 6.3.0r14 before 6.3.0r14b, 6.3.0r15 before 6.3.0r15b, 6.3.0r16 before 6.3.0r16b, 6.3.0r17 before 6.3.0r17b, 6.3.0r18 before 6.3.0r18b, 6.3.0r19 before 6.3.0r19b, and 6.3.0r20 before 6.3.0r21 allows...
CVE-2015-7755
CVE-2015-7755 affects Juniper ScreenOS: multiple releases (6.2.0r15–6.2.0r18; 6.3.0r12–6.3.0r21) allow an unauthorized remote attacker to gain administrative access by entering an unspecified password during SSH or Telnet. The issue is an improper authentication vulnerability (CVE-2015-7755) with...
CVE-2015-7756
The encryption implementation in Juniper ScreenOS 6.2.0r15 through 6.2.0r18, 6.3.0r12 before 6.3.0r12b, 6.3.0r13 before 6.3.0r13b, 6.3.0r14 before 6.3.0r14b, 6.3.0r15 before 6.3.0r15b, 6.3.0r16 before 6.3.0r16b, 6.3.0r17 before 6.3.0r17b, 6.3.0r18 before 6.3.0r18b, 6.3.0r19 before 6.3.0r19b, and...
CVE-2015-7756
VPN decryption vulnerability in Juniper ScreenOS (CVE-2015-7756) affects 6.2.0r15–6.2.0r18 and 6.3.0r12–6.3.0r20; encryption implementation allows a knowledgeable attacker monitoring ciphertext data to decrypt VPN traffic. Impact: confidentiality of VPN sessions can be compromised. No detection m...
CVE-2015-7755
Juniper ScreenOS 6.2.0r15 through 6.2.0r18, 6.3.0r12 before 6.3.0r12b, 6.3.0r13 before 6.3.0r13b, 6.3.0r14 before 6.3.0r14b, 6.3.0r15 before 6.3.0r15b, 6.3.0r16 before 6.3.0r16b, 6.3.0r17 before 6.3.0r17b, 6.3.0r18 before 6.3.0r18b, 6.3.0r19 before 6.3.0r19b, and 6.3.0r20 before 6.3.0r21 allows...
Juniper Firewalls with ScreenOS Backdoored Since 2012
Juniper Networks has announced that it has discovered "unauthorized code" in ScreenOS, the operating system for its NetScreen firewalls, that could allow an attacker to decrypt traffic sent through Virtual Private Networks VPNs. It's not clear what caused the code to get there or how long it has...
PT-2015-2867
Name of the Vulnerable Software and Affected Versions Juniper ScreenOS versions 6.2.0r15 through 6.2.0r18 Juniper ScreenOS versions 6.3.0r12 before 6.3.0r12b Juniper ScreenOS versions 6.3.0r13 before 6.3.0r13b Juniper ScreenOS versions 6.3.0r14 before 6.3.0r14b Juniper ScreenOS versions 6.3.0r15...