CVE-2020-14500

The discovered bug occurs due to improper handling of some of the HTTP request headers provided by the client. This could allow an attacker to remotely exploit GateManager to achieve remote code execution without any authentication required. If carried out successfully, such an attack could resul...

Juniper ScreenOS contains multiple vulnerabilities

Overview Juniper Networks ScreenOS versions 6.3.0r17 through 6.3.0r20 allows unauthorized remote administration access to the device. Juniper Networks ScreenOS versions 6.2.0r15 through 6.2.0r18 and 6.3.0r12 through 6.3.0r20 allow for an attacker to monitor and decrypt VPN traffic. Description...

Juniper Patches ScreenOS Backdoor

Juniper Networks today has released an emergency patch that removes what it’s calling “unauthorized code” from ScreenOS that could allow attackers to decrypt VPN traffic from NetScreen devices. Juniper has not commented on the origin of the code it found. However, Juniper’s products were singled...

Juniper Releases Out-of-band Security Advisory for ScreenOS

Juniper has discovered unauthorized code in ScreenOS which could allow an attacker to take control of NetScreen devices and to decrypt VPN connections. US-CERT recommends that users and administrators review Juniper Security Bulletin 2015-12 and update all affected ScreenOS versions. This product...