NetScreen Honeypot SSH honeypot based on Cowrie with some modifications to look like a NetScreen device vulnerable to CVE-2015-7755 (backdoor password)
Juniper ScreenOS 6.2.0r15 up to and including 6.2.0r18, 6.3.0r12 prior to 6.3.0r12b, 6.3.0r13 prior to 6.3.0r13b, 6.3.0r14 prior to 6.3.0r14b, 6.3.0r15 prior to 6.3.0r15b, 6.3.0r16 prior to 6.3.0r16b, 6.3.0r17 prior to 6.3.0r17b, 6.3.0r18 prior to 6.3.0r18b, 6.3.0r19 prior to 6.3.0r19b, and 6.3.0r20 prior to 6.3.0r21 allows remote malicious users to obtain administrative access by entering an unspecified password during a (1) SSH or (2) TELNET session.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
juniper screenos 6.3.0 |
Download PDF The telecommunications industry keeps the world connected. Telecoms providers build, operate and manage the complex network infrastructures used for voice and data transmission – and they communicate and store vast amounts of sensitive data. This makes them a top target for cyber-attack. According to PwC’s Global State of Information Security, 2016, IT security incidents in the telecoms sector increased 45% in 2015 compared to the year before. Telecoms providers need to arm them...
Were firewalls up to date? Committee wants to know
A bunch of US government departments and agencies – from the military to NASA – are being grilled over their use of backdoored Juniper firewalls. The House of Representatives' Committee on Oversight and Government Reform fired off letters to top officials over the weekend, demanding to know if any of the dodgy NetScreen devices were used in federal systems. Juniper's ScreenOS software – the firmware that powers in its firewalls – was tampered with by mystery hackers a few years ago to in...
Networking biz silent on China dev centre as source of crooked code
Updated Juniper Networks has offered a more detailed description of the security issues resulting from its find of “unauthorised code” in ScreenOS, the software that powers its firewalls. The company's knowledge base article on the incident says: “The first issue allows unauthorized remote administrative access to the device over SSH or telnet. Exploitation of this vulnerability can lead to complete compromise of the affected system.” While the company points out that "upon exploitation ...