[Reproducible-builds] Juniper ScreenOS backdoor

Holger Levsen holger at layer-acht.org
Mon Dec 21 19:44:00 UTC 2015


Hi Steven,

On Monday, 21 December 2015, Steven Chamberlain wrote:
> One of the reproducible builds talk slides showed a diff of OpenSSH
> before and after some off-by-one vulnerability was fixed.
> 
> Here's a real-world malicious backdoor in Juniper ScreenOS's sshd:
> https://community.rapid7.com/servlet/JiveServlet/showImage/38-7376-36434/ssh.png
> The yellow highlighted string allows login as any user.  Full article:
> https://community.rapid7.com/community/infosec/blog/2015/12/20/cve-2015-7755-juniper-screenos-authentication-backdoor

"neato" :/

https://github.com/hdm/juniper-cve-2015-7755/tree/master/firmware has links to 
the actual firmware images, I would appreciate if someone could throw them 
against (my.)diffoscope.org and share the links…!

> Whilst this may have been added in source code, it was well-disguised in
> the disassembly and just 7 instructions long.  I thought this was a good
> example of the current state-of-the-art, and why we'd like our binaries
> and eventually, installer and VM images reproducible IMHO.

indeed!

thanks for sharing this here!


cheers,
	Holger