We used nipper-ng with the following command:

nipper --screenos --input=config.conf --output=audit.html

to audit the Juniper NetScreen firewall config that Sitting Duck NOC provided us with.

The reported CVEs were checked manually, none were deemed relevant to this scenario.