Products
Solutions
Partners
Support
Company
Try Now
Pulse Secure Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Please confirm whether your firmware is affected by the new OpenSSL defect

jgu_
Occasional Contributor
‎04-10-2014 09:26:AM
‎04-10-2014 09:26:AM

Re: Please confirm whether your firmware is affected by the new OpenSSL defect

Thanks, is this image a SSL-VPN server memory dump? or decrypted tcpdump from wire? if it is the latter, I am not going to be too concerned, because it takes time for the attackers to get the private key and even harder for them to intercept the communication(unless they are NSA), if it is the former, it is going to be very very scary.

0 Kudos
flip_pipe_
Frequent Contributor
‎04-10-2014 09:41:AM
‎04-10-2014 09:41:AM

Re: Please confirm whether your firmware is affected by the new OpenSSL defect

It is a dump from the memory, using this script http://pastebin.com/WmxzjkXJ

 

My certificates where generated in the SA itself, so, I don't have the private keys to decrypt the traffic.

0 Kudos
flip_pipe_
Frequent Contributor
‎04-10-2014 11:41:AM
‎04-10-2014 11:41:AM

Re: Please confirm whether your firmware is affected by the new OpenSSL defect

 

We revoke our wildcard certificate, but to test proposes we maintain out test box with the revoked certificate.

 

Now, I found Junos Pulse doesn't check if the certificated is revoked or not... just connects... without any warnings.

 

Network Connect, complains about it and don't allow the connection.

 

All browsers (FF, IE, and Chrome) didn't allow the connection to the test box.

0 Kudos
© 2017 Pulse Secure, LLC. Use of this website assumes acceptance of our Legal Notices and Privacy Policy. Pulse Secure has updated its Privacy Policy effective June 28, 2017.