Firewall Breached - Juniper Releases Fix Patches

(RTTNews) - A firewall after all cannot be a foolproof guarantee for security of your network and that is what Juniper has come to discover.

Juniper said Thursday it discovered unauthorized code in ScreenOS that could allow a knowledgeable attacker to gain administrative access to NetScreen devices and to decrypt VPN connections.

ScreenOS is an operating system used to manage firewalls sold by Juniper. Firewall is a network security system that monitors and controls the incoming and outgoing network traffic based on some security rules.

The unauthorized code was found during a recent internal code review, Bob Worrall, Juniper's chief information officer, said.

After identifying these vulnerabilities, the firm launched an investigation into the matter, and worked to develop and issue patched releases for the latest versions of ScreenOS.

All NetScreen devices using ScreenOS 6.2.0r15 through 6.2.0r18 and 6.3.0r12 through 6.3.0r20 are affected by these issues and require patching.

The company has not received any reports of these vulnerabilities being exploited, but recommended that customers update their systems and apply the patched releases with the highest priority.

Juniper said these vulnerabilities are specific to ScreenOS, and it has no evidence that the SRX or other devices running Junos are impacted at this time.