Wow.
*ASB **http://XeeMe.com/AndrewBaker* <http://xeeme.com/AndrewBaker> *Providing Virtual CIO Services (IT Operations & Information Security) for the SMB market…* * GPG: *1AF3 EEC3 7C3C E88E B0EF 4319 8F28 A483 A182 EF3A On Tue, Dec 22, 2015 at 11:14 PM, Kurt Buff <[email protected]> wrote: > Wired has an article on the more spectacular of the flaws: > > http://www.wired.com/2015/12/researchers-solve-the-juniper-mystery-and-they-say-its-partially-the-nsas-fault/ > > See also the discussion and links here, which includes the above link: > https://www.sans.org/newsletters/newsbites/xvii/99 > > Kurt > > On Tue, Dec 22, 2015 at 8:01 PM, Richard Stovall <[email protected]> > wrote: > >> I don't believe I've seen these discussed on this forum. >> >> There are two major vulnerabilities with Juniper's ScreenOS in the wild >> that are pretty scary for both both their immediate ramifications and their >> long-term implications. >> >> Have a look at the following to see if you're affected. (And even if >> you're not, consider the implications of what happened and how it could >> affect you in the future.) >> >> >> https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10713&cat=SIRT_1&actp=LIST >> >> >> Note that there are two different CVEs. Don't stop reading after the >> first few paragraphs. >> >> Happy Christmas, >> >> RS >> > >
