Details of VAR-201310-0383

ID

VAR-201310-0383

CVE

CVE-2013-6011

TITLE

Citrix NetScaler Application Delivery Controller Denial of Service Vulnerability

Trust: 1.5

sources: BID: 62788 // CNNVD: CNNVD-201310-171 // CNNVD: CNNVD-201310-011

DESCRIPTION

Citrix NetScaler Application Delivery Controller (ADC) 10.0 before 10.0-76.7 allows remote attackers to cause a denial of service (nsconfigd crash and appliance reboot) via a crafted request. This solution is mainly used to optimize, protect and control the delivery of various enterprise services and cloud services. A denial of service vulnerability exists in versions prior to Citrix NetScaler 10.0-76.7, which is due to an error in the ADC. An attacker could use this vulnerability to cause a denial of service

Trust: 2.52

sources: NVD: CVE-2013-6011 // JVNDB: JVNDB-2013-004506 // CNNVD: CNNVD-201310-171 // BID: 62788 // VULHUB: VHN-66013

AFFECTED PRODUCTS

vendor:	citrix	model:	netscaler application delivery controller	scope:	eq	version:	10.0.e	Trust: 1.6
vendor:	citrix	model:	netscaler application delivery controller	scope:	eq	version:	10.0	Trust: 1.6
vendor:	citrix	model:	netscaler application delivery controller	scope:	eq	version:	-	Trust: 1.0
vendor:	citrix	model:	netscaler application delivery controller	scope:	-	version:	-	Trust: 0.8
vendor:	citrix	model:	netscaler application delivery controller	scope:	eq	version:	10.0-76.7	Trust: 0.8
vendor:	citrix	model:	netscaler application delivery controller	scope:	lt	version:	10.0	Trust: 0.8

sources: JVNDB: JVNDB-2013-004506 // CNNVD: CNNVD-201310-011 // NVD: CVE-2013-6011

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2013-6011
value:	HIGH
Trust: 1.0
NVD:	CVE-2013-6011
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201310-011
value:	HIGH
Trust: 0.6
VULHUB:	VHN-66013
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2013-6011
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-66013
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-66013 // JVNDB: JVNDB-2013-004506 // CNNVD: CNNVD-201310-011 // NVD: CVE-2013-6011

PROBLEMTYPE DATA

problemtype:

CWE-20

Trust: 1.9

sources: VULHUB: VHN-66013 // JVNDB: JVNDB-2013-004506 // NVD: CVE-2013-6011

THREAT TYPE

remote

Trust: 1.2

sources: CNNVD: CNNVD-201310-171 // CNNVD: CNNVD-201310-011

TYPE

input validation

Trust: 0.6

sources: CNNVD: CNNVD-201310-011

CONFIGURATIONS

sources: JVNDB: JVNDB-2013-004506

PATCH

title:

CTX139017

url:

http://support.citrix.com/article/ctx139017

Trust: 0.8

sources: JVNDB: JVNDB-2013-004506

EXTERNAL IDS

db:	NVD	id:	CVE-2013-6011	Trust: 2.8
db:	BID	id:	62788	Trust: 1.0
db:	JVNDB	id:	JVNDB-2013-004506	Trust: 0.8
db:	CNNVD	id:	CNNVD-201310-011	Trust: 0.7
db:	CNNVD	id:	CNNVD-201310-171	Trust: 0.6
db:	BUGTRAQ	id:	20131003 SEC CONSULT SA-20131003-0 :: DENIAL OF SERVICE VULNERABILITY IN CITRIX NETSCALER	Trust: 0.6
db:	VULHUB	id:	VHN-66013	Trust: 0.1

sources: VULHUB: VHN-66013 // BID: 62788 // JVNDB: JVNDB-2013-004506 // CNNVD: CNNVD-201310-171 // CNNVD: CNNVD-201310-011 // NVD: CVE-2013-6011

REFERENCES

url:	http://archives.neohapsis.com/archives/bugtraq/2013-10/0016.html	Trust: 1.7
url:	http://support.citrix.com/article/ctx139017	Trust: 1.7
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-6011	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-6011	Trust: 0.8
url:	http://www.securityfocus.com/bid/62788	Trust: 0.6
url:	http://www.citrix.com/	Trust: 0.3

sources: VULHUB: VHN-66013 // BID: 62788 // JVNDB: JVNDB-2013-004506 // CNNVD: CNNVD-201310-171 // CNNVD: CNNVD-201310-011 // NVD: CVE-2013-6011

CREDITS

Stefan Viehbck of SEC Consult Vulnerability Lab

Trust: 0.6

sources: CNNVD: CNNVD-201310-171

SOURCES

db:	VULHUB	id:	VHN-66013
db:	BID	id:	62788
db:	JVNDB	id:	JVNDB-2013-004506
db:	CNNVD	id:	CNNVD-201310-171
db:	CNNVD	id:	CNNVD-201310-011
db:	NVD	id:	CVE-2013-6011

LAST UPDATE DATE

2024-11-23T22:56:39.655000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-66013	date:	2013-10-07T00:00:00
db:	BID	id:	62788	date:	2013-10-16T01:04:00
db:	JVNDB	id:	JVNDB-2013-004506	date:	2013-10-08T00:00:00
db:	CNNVD	id:	CNNVD-201310-171	date:	2013-10-12T00:00:00
db:	CNNVD	id:	CNNVD-201310-011	date:	2013-10-08T00:00:00
db:	NVD	id:	CVE-2013-6011	date:	2024-11-21T01:58:37.033

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-66013	date:	2013-10-04T00:00:00
db:	BID	id:	62788	date:	2013-10-03T00:00:00
db:	JVNDB	id:	JVNDB-2013-004506	date:	2013-10-08T00:00:00
db:	CNNVD	id:	CNNVD-201310-171	date:	2013-10-12T00:00:00
db:	CNNVD	id:	CNNVD-201310-011	date:	2013-10-08T00:00:00
db:	NVD	id:	CVE-2013-6011	date:	2013-10-04T17:55:10.023