CERT-In Advisory
CIAD-2015-0070
Multiple Security vulnerabilities in Juniper NetScreen ScreenOS platforms
Original Issue Date: December 30, 2015
Severity Rating: High
Systems Affected
- ScreenOS 6.2.0r15 through 6.2.0r18
- ScreenOS 6.3.0r12 through 6.3.0r20
Overview
Two critical vulnerabilities have been reported in Juniper Netsceren ScreenOS platforms. Exploitation of these vulnerabilities allows an unauthorized remote attacker to gain privileged access to the NetScreen devices via telnet /SSH and to decrypt VPN traffic.
Description
1. Unauthorized remote administrative access to ScreenOS
(
CVE-2015-7755
)
The ScreenOS 6.3.0r17 through 6.3.0r20 is "hardcoded" with a backdoor password which allows a remote attacker to bypass authentication through SSH/telnet and gain complete control of the device.
2. ScreenOS VPN decryption vulnerability
(
CVE-2015-7756
)
The weakness in the random number generation implementation (Dual_EC_DRBG) in ScreenOS 6.2.0r15 through 6.2.0r18 and 6.3.0r12 through 6.3.0r20 lets a remote attacker to monitor and decrypt the VPN connections.
Solution
Vendor Information
Juniper
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10713
References
Juniper
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10713
https://forums.juniper.net/t5/Security-Incident-Response/Important-Announcement-about-ScreenOS/ba-p/285554
US-CERT
https://www.kb.cert.org/vuls/id/640184
Security Tracker
http://securitytracker.com/id/1034489
CVE Name
CVE-2015-7755
CVE-2015-7756
Disclaimer
The information provided herein is on "as is" basis, without warranty of any kind.
Contact Information
Email: info@cert-in.org.in Phone: +91-11-24368572
Postal address
Indian Computer Emergency Response Team (CERT-In)
Ministry of Electronics and Information Technology
Government of India
Electronics Niketan
6, CGO Complex, Lodhi Road,
New Delhi - 110 003
India
|