Wired has an article on the more spectacular of the flaws: http://www.wired.com/2015/12/researchers-solve-the-juniper-mystery-and-they-say-its-partially-the-nsas-fault/
See also the discussion and links here, which includes the above link: https://www.sans.org/newsletters/newsbites/xvii/99 Kurt On Tue, Dec 22, 2015 at 8:01 PM, Richard Stovall <[email protected]> wrote: > I don't believe I've seen these discussed on this forum. > > There are two major vulnerabilities with Juniper's ScreenOS in the wild > that are pretty scary for both both their immediate ramifications and their > long-term implications. > > Have a look at the following to see if you're affected. (And even if > you're not, consider the implications of what happened and how it could > affect you in the future.) > > > https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10713&cat=SIRT_1&actp=LIST > > > Note that there are two different CVEs. Don't stop reading after the > first few paragraphs. > > Happy Christmas, > > RS >
