Details of VAR-201403-0145

ID

VAR-201403-0145

CVE

CVE-2013-6938

TITLE

Citrix NetScaler SDX and Application Delivery Controller Service disruption in (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2013-006141

DESCRIPTION

Unspecified vulnerability in the Service VM in Citrix NetScaler SDX 9.3 before 9.3-64.4 and 10.0 before 10.0-77.5 and Application Delivery Controller (ADC) 9.3.x before 9.3-64.4, 10.0 before 10.0-77.5, and 10.1 before 10.1-118.7 allows attackers to cause a denial of service via unknown vectors, related to the "Virtual Machine Daemon.". Citrix NetScaler is prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause denial-of-service conditions. Citrix Systems NetScaler SDX and Application Delivery Controller (ADC) are service and application delivery solutions (application delivery controllers) of Citrix Systems (Citrix Systems), mainly used to optimize, protect and control various enterprise services and clouds Delivery of Services. The following versions are affected: Citrix NetScaler SDX versions 9.3 and 10.0 and versions 9.3.x prior to Application Delivery Controller (ADC) 9.3-64.4, 10.0, 10.1

Trust: 1.98

sources: NVD: CVE-2013-6938 // JVNDB: JVNDB-2013-006141 // BID: 66008 // VULHUB: VHN-66940

AFFECTED PRODUCTS

vendor:	citrix	model:	netscaler application delivery controller	scope:	eq	version:	10.1	Trust: 1.6
vendor:	citrix	model:	netscaler application delivery controller	scope:	eq	version:	9.3\(1\)	Trust: 1.6
vendor:	citrix	model:	netscaler application delivery controller	scope:	eq	version:	9.3.e	Trust: 1.6
vendor:	citrix	model:	netscaler application delivery controller	scope:	eq	version:	10.0	Trust: 1.6
vendor:	citrix	model:	netscaler application delivery controller	scope:	eq	version:	10.0-77.5	Trust: 0.8
vendor:	citrix	model:	netscaler application delivery controller	scope:	lt	version:	9.3.x	Trust: 0.8
vendor:	citrix	model:	netscaler application delivery controller	scope:	eq	version:	10.1-118.7	Trust: 0.8
vendor:	citrix	model:	netscaler application delivery controller	scope:	eq	version:	9.3-64.4	Trust: 0.8
vendor:	citrix	model:	netscaler application delivery controller	scope:	lt	version:	10.0	Trust: 0.8
vendor:	citrix	model:	netscaler application delivery controller	scope:	lt	version:	10.1	Trust: 0.8

sources: JVNDB: JVNDB-2013-006141 // CNNVD: CNNVD-201403-184 // NVD: CVE-2013-6938

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2013-6938
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2013-6938
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-201403-184
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-66940
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2013-6938
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-66940
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-66940 // JVNDB: JVNDB-2013-006141 // CNNVD: CNNVD-201403-184 // NVD: CVE-2013-6938

PROBLEMTYPE DATA

problemtype:

NVD-CWE-noinfo

Trust: 1.0

sources: NVD: CVE-2013-6938

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201403-184

TYPE

lack of information

Trust: 0.6

sources: CNNVD: CNNVD-201403-184

CONFIGURATIONS

sources: JVNDB: JVNDB-2013-006141

PATCH

title:	CTX140113	url:	http://support.citrix.com/article/CTX140113	Trust: 0.8
title:	CTX139049	url:	http://support.citrix.com/article/CTX139049	Trust: 0.8

sources: JVNDB: JVNDB-2013-006141

EXTERNAL IDS

db:	NVD	id:	CVE-2013-6938	Trust: 2.8
db:	JVNDB	id:	JVNDB-2013-006141	Trust: 0.8
db:	SECUNIA	id:	57280	Trust: 0.6
db:	SECUNIA	id:	57279	Trust: 0.6
db:	CNNVD	id:	CNNVD-201403-184	Trust: 0.6
db:	BID	id:	66008	Trust: 0.4
db:	VULHUB	id:	VHN-66940	Trust: 0.1

sources: VULHUB: VHN-66940 // BID: 66008 // JVNDB: JVNDB-2013-006141 // CNNVD: CNNVD-201403-184 // NVD: CVE-2013-6938

REFERENCES

url:	http://support.citrix.com/article/ctx139049	Trust: 1.7
url:	http://support.citrix.com/article/ctx140113	Trust: 1.7
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-6938	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-6938	Trust: 0.8
url:	http://secunia.com/advisories/57279	Trust: 0.6
url:	http://secunia.com/advisories/57280	Trust: 0.6
url:	http://www.citrix.com/	Trust: 0.3

sources: VULHUB: VHN-66940 // BID: 66008 // JVNDB: JVNDB-2013-006141 // CNNVD: CNNVD-201403-184 // NVD: CVE-2013-6938

CREDITS

The vendor reported this issue.

Trust: 0.3

sources: BID: 66008

SOURCES

db:	VULHUB	id:	VHN-66940
db:	BID	id:	66008
db:	JVNDB	id:	JVNDB-2013-006141
db:	CNNVD	id:	CNNVD-201403-184
db:	NVD	id:	CVE-2013-6938

LAST UPDATE DATE

2024-11-23T21:45:20.922000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-66940	date:	2014-03-11T00:00:00
db:	BID	id:	66008	date:	2014-03-07T01:25:00
db:	JVNDB	id:	JVNDB-2013-006141	date:	2014-03-12T00:00:00
db:	CNNVD	id:	CNNVD-201403-184	date:	2014-03-12T00:00:00
db:	NVD	id:	CVE-2013-6938	date:	2024-11-21T02:00:00.687

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-66940	date:	2014-03-11T00:00:00
db:	BID	id:	66008	date:	2014-03-05T00:00:00
db:	JVNDB	id:	JVNDB-2013-006141	date:	2014-03-12T00:00:00
db:	CNNVD	id:	CNNVD-201403-184	date:	2014-03-12T00:00:00
db:	NVD	id:	CVE-2013-6938	date:	2014-03-11T13:00:26.937