Sign-up

ID

VAR-201310-0385


CVE

CVE-2013-6013


TITLE

Juniper Networks SRX Runs on the device Junos of flow Daemon buffer overflow vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2013-004805

DESCRIPTION

Buffer overflow in the flow daemon (flowd) in Juniper Junos 10.4 before 10.4S14, 11.4 before 11.4R7-S2, 12.1.X44 before 12.1X44-D15, 12.1X45 before 12.1X45-D10 on SRX devices, when using telnet pass-through authentication on the firewall, might allow remote attackers to execute arbitrary code via a crafted telnet message. Juniper Networks Junos is prone to a remote buffer-overflow vulnerability. Attackers may leverage this issue to execute arbitrary code in the context of the affected device. Failed exploit attempts may result in a denial-of-service condition. The operating system provides a secure programming interface and Junos SDK. The following versions are affected: Junos 10.4 and earlier, 11.4, 12.1X44, 12.1X45

Trust: 1.98

sources: NVD: CVE-2013-6013 // JVNDB: JVNDB-2013-004805 // BID: 62962 // VULHUB: VHN-66015

AFFECTED PRODUCTS

vendor:junipermodel:junosscope:eqversion:4.0

Trust: 1.6

vendor:junipermodel:junosscope:eqversion:5.0

Trust: 1.6

vendor:junipermodel:junosscope:eqversion:11.4

Trust: 1.6

vendor:junipermodel:junosscope:eqversion:4.1

Trust: 1.6

vendor:junipermodel:junosscope:eqversion:4.3

Trust: 1.6

vendor:junipermodel:junosscope:eqversion:12.1x44

Trust: 1.6

vendor:junipermodel:junosscope:eqversion:4.2

Trust: 1.6

vendor:junipermodel:junosscope:eqversion:4.4

Trust: 1.6

vendor:junipermodel:junosscope:eqversion:5.1

Trust: 1.6

vendor:junipermodel:junosscope:eqversion:12.1x45

Trust: 1.6

vendor:junipermodel:junosscope:eqversion:6.4

Trust: 1.0

vendor:junipermodel:junosscope:eqversion:9.1

Trust: 1.0

vendor:junipermodel:junosscope:lteversion:10.4

Trust: 1.0

vendor:junipermodel:junosscope:eqversion:9.5

Trust: 1.0

vendor:junipermodel:junosscope:eqversion:5.3

Trust: 1.0

vendor:junipermodel:junosscope:eqversion:6.3

Trust: 1.0

vendor:junipermodel:junosscope:eqversion:5.2

Trust: 1.0

vendor:junipermodel:junosscope:eqversion:7.2

Trust: 1.0

vendor:junipermodel:junosscope:eqversion:8.1

Trust: 1.0

vendor:junipermodel:junosscope:eqversion:5.7

Trust: 1.0

vendor:junipermodel:junosscope:eqversion:7.3

Trust: 1.0

vendor:junipermodel:junosscope:eqversion:9.6

Trust: 1.0

vendor:junipermodel:junosscope:eqversion:9.2

Trust: 1.0

vendor:junipermodel:junosscope:eqversion:8.0

Trust: 1.0

vendor:junipermodel:junosscope:eqversion:5.5

Trust: 1.0

vendor:junipermodel:junosscope:eqversion:5.6

Trust: 1.0

vendor:junipermodel:junosscope:eqversion:6.1

Trust: 1.0

vendor:junipermodel:junosscope:eqversion:5.4

Trust: 1.0

vendor:junipermodel:junosscope:eqversion:8.4

Trust: 1.0

vendor:junipermodel:junosscope:eqversion:6.2

Trust: 1.0

vendor:junipermodel:junosscope:eqversion:6.0

Trust: 1.0

vendor:junipermodel:junosscope:eqversion:9.4

Trust: 1.0

vendor:junipermodel:junosscope:eqversion:7.4

Trust: 1.0

vendor:junipermodel:junosscope:eqversion:7.6

Trust: 1.0

vendor:junipermodel:junosscope:eqversion:8.3

Trust: 1.0

vendor:junipermodel:junosscope:eqversion:7.5

Trust: 1.0

vendor:junipermodel:junosscope:eqversion:7.0

Trust: 1.0

vendor:junipermodel:junosscope:eqversion:8.2

Trust: 1.0

vendor:junipermodel:junosscope:eqversion:7.1

Trust: 1.0

vendor:junipermodel:junosscope:eqversion:9.0

Trust: 1.0

vendor:junipermodel:junos osscope:ltversion:12.1x44

Trust: 0.8

vendor:junipermodel:junos osscope:ltversion:10.4

Trust: 0.8

vendor:junipermodel:srx3400scope: - version: -

Trust: 0.8

vendor:junipermodel:junos osscope:eqversion:11.4r7-s2

Trust: 0.8

vendor:junipermodel:junos osscope:ltversion:11.4

Trust: 0.8

vendor:junipermodel:srx210scope: - version: -

Trust: 0.8

vendor:junipermodel:srx650scope: - version: -

Trust: 0.8

vendor:junipermodel:srx550scope: - version: -

Trust: 0.8

vendor:junipermodel:srx5800scope: - version: -

Trust: 0.8

vendor:junipermodel:junos osscope:ltversion:12.1x45

Trust: 0.8

vendor:junipermodel:srx100scope: - version: -

Trust: 0.8

vendor:junipermodel:junos osscope:eqversion:12.1x45-d10

Trust: 0.8

vendor:junipermodel:junos osscope:eqversion:12.1x44-d15

Trust: 0.8

vendor:junipermodel:srx220scope: - version: -

Trust: 0.8

vendor:junipermodel:junos osscope:eqversion:10.4s14

Trust: 0.8

vendor:junipermodel:srx5600scope: - version: -

Trust: 0.8

vendor:junipermodel:srx110scope: - version: -

Trust: 0.8

vendor:junipermodel:srx240scope: - version: -

Trust: 0.8

vendor:junipermodel:srx1400scope: - version: -

Trust: 0.8

vendor:junipermodel:srx3600scope: - version: -

Trust: 0.8

vendor:junipermodel:networks srx5800scope:eqversion:5800

Trust: 0.3

vendor:junipermodel:networks junosscope:eqversion:10.4

Trust: 0.3

sources: BID: 62962 // JVNDB: JVNDB-2013-004805 // CNNVD: CNNVD-201310-462 // NVD: CVE-2013-6013

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2013-6013
value: MEDIUM

Trust: 1.0

NVD: CVE-2013-6013
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201310-462
value: MEDIUM

Trust: 0.6

VULHUB: VHN-66015
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2013-6013
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-66015
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-66015 // JVNDB: JVNDB-2013-004805 // CNNVD: CNNVD-201310-462 // NVD: CVE-2013-6013

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.9

sources: VULHUB: VHN-66015 // JVNDB: JVNDB-2013-004805 // NVD: CVE-2013-6013

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201310-462

TYPE

buffer overflow

Trust: 0.6

sources: CNNVD: CNNVD-201310-462

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2013-004805

PATCH
title:JSA10594url:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10594
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2013-004805

EXTERNAL IDS
db:NVDid:CVE-2013-6013
Trust: 2.8
db:BIDid:62962
Trust: 2.0
db:SECUNIAid:55109
Trust: 1.7
db:JUNIPERid:JSA10594
Trust: 1.7
db:SECTRACKid:1029175
Trust: 1.1
db:OSVDBid:98369
Trust: 1.1
db:JVNDBid:JVNDB-2013-004805
Trust: 0.8
db:CNNVDid:CNNVD-201310-462
Trust: 0.7
db:VULHUBid:VHN-66015
Trust: 0.1
sources:
            
            
            VULHUB: VHN-66015 // 
            
            
            
            BID: 62962 // 
            
            
            
            JVNDB: JVNDB-2013-004805 // 
            
            
            
            CNNVD: CNNVD-201310-462 // 
            
            
            
            NVD: CVE-2013-6013

REFERENCES
url:http://www.securityfocus.com/bid/62962
Trust: 1.7
url:http://secunia.com/advisories/55109
Trust: 1.7
url:http://kb.juniper.net/infocenter/index?page=content&id=jsa10594
Trust: 1.6
url:http://osvdb.org/98369
Trust: 1.1
url:http://www.securitytracker.com/id/1029175
Trust: 1.1
url:https://exchange.xforce.ibmcloud.com/vulnerabilities/87847
Trust: 1.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-6013
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-6013
Trust: 0.8
url:http://www.juniper.net/
Trust: 0.3
url:http://kb.juniper.net/infocenter/index?page=content&id=jsa10594
Trust: 0.1
sources:
            
            
            VULHUB: VHN-66015 // 
            
            
            
            BID: 62962 // 
            
            
            
            JVNDB: JVNDB-2013-004805 // 
            
            
            
            CNNVD: CNNVD-201310-462 // 
            
            
            
            NVD: CVE-2013-6013

CREDITS
The vendor reported this issue
Trust: 0.3
sources:
            
            
            BID: 62962

SOURCES
db:VULHUBid:VHN-66015
db:BIDid:62962
db:JVNDBid:JVNDB-2013-004805
db:CNNVDid:CNNVD-201310-462
db:NVDid:CVE-2013-6013

LAST UPDATE DATE
2024-11-23T23:12:48.447000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-66015date:2017-08-29T00:00:00
db:BIDid:62962date:2013-10-11T00:00:00
db:JVNDBid:JVNDB-2013-004805date:2013-10-22T00:00:00
db:CNNVDid:CNNVD-201310-462date:2013-10-21T00:00:00
db:NVDid:CVE-2013-6013date:2024-11-21T01:58:37.300

SOURCES RELEASE DATE
db:VULHUBid:VHN-66015date:2013-10-17T00:00:00
db:BIDid:62962date:2013-10-11T00:00:00
db:JVNDBid:JVNDB-2013-004805date:2013-10-22T00:00:00
db:CNNVDid:CNNVD-201310-462date:2013-10-21T00:00:00
db:NVDid:CVE-2013-6013date:2013-10-17T23:55:04.657