Juniper promises to fix ScreenOS cryptography … eventually

January 12, 2016

Via: InfoWorld
Juniper Networks plans to remove the problematic cryptographic functions used by its firewall and BPN appliances. Despite the good news, Juniper still has not answered some of the most perplexing questions regarding the ScreenOS saga.Juniper Networks launched an investigation in December after discovering unauthorized code in its ScreenOS software, which is used in NetScreen firewall, VPN, and traffic-shaping technology. The unauthorized code lets an attacker remotely gain administrative access to affected devices via SSH and telnet. It also lets an attacker with access to VPN connections decrypt VPN traffic passing through the appliance.

Read More on InfoWorld