Details of VAR-201912-1585

ID

VAR-201912-1585

CVE

CVE-2013-3542

TITLE

plural Grandstream Vulnerabilities related to the use of hard-coded credentials in product firmware

Trust: 0.8

sources: JVNDB: JVNDB-2013-007004

DESCRIPTION

Grandstream GXV3501, GXV3504, GXV3601, GXV3601HD/LL, GXV3611HD/LL, GXV3615W/P, GXV3651FHD, GXV3662HD, GXV3615WP_HD, GXV3500, and possibly other camera models with firmware 1.0.4.11, have a hardcoded account "!#/" with the same password, which makes it easier for remote attackers to obtain access via a TELNET session. plural Grandstream The product firmware contains a vulnerability related to the use of hard-coded credentials.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Grandstream is an IP phone, network video surveillance solution vendor. The affected products are as follows: GXV3500GXV3501GXV3504GXV3601GXV3601HD/LLGXV3611HD/LLGXV3615W/PGXV3615WP_HDGXV3651FHDGXV3662HD. Grandstream multiple IP cameras including GXV3501, GXV3504, GXV3601, GXV3601HD/LL, GXV3611HD/LL, GXV3615W/P, GXV3651FHD, GXV3662HD, GXV3615WP_HD, and GXV3500 are prone to multiple security-bypass vulnerabilities. An attacker may exploit these issues to bypass certain security restrictions and perform unauthorized actions. =============================================================================== GRANDSTREAM ==================================================================== =============================================================================== 1.Advisory Information Title: Grandstream Series Vulnerabilities Date Published: 12/06/2013 Date of last updated: 12/06/2013 2.Vulnerability Description The following vulnerability has been found in these devices: -CVE-2013-3542. Backdoor in Telnet Protocol(CAPEC-443) -CVE-2013-3962. Cross Site Scripting(CWE-79) -CVE-2013-3963. -CVE-2013-3542, CVE-2013-3962 and CVE-2013-3963. It\x92s possible others models are affected but they were not checked. 4.PoC 4.1.Backdoor in Telnet Protocol CVE-2013-3542, Backdoor in Telnet Protocol You should connect via telnet protocol to any camera affected (it's open by default). After all you should be introduce the magic string \x93 !#/ \x94 as Username and as Password. You will get the admin panel setting menu. If you type "help", the following commands are shown: ======================================================= help, quit, status, restart, restore, upgrade, tty_test ======================================================= @@@ restore (Reset settings to factory default) The attacker can take the device control, so it's make this devices very vulnerables. 4.2.Cross Site Scripting (XSS) CVE-2013-3962, Cross Site Scripting non-persistent. _____________________________________________________________________________ http://xx.xx.xx.xx/<script>alert(123)</script> _____________________________________________________________________________ 4.3.Cross Site Request Forgery (CSRF) CVE-2013-3963, CSRF via GET method. A malicious user can try targeted attacks by sending a special CSRF vector. This allows you to manipulate web interface parameters. You should introduce the following URL to replicate the attack. _____________________________________________________________________________ http://xx.xx.xx.xx/goform/usermanage?cmd=add&user.name=test3&user.password=test3&user.level=0 _____________________________________________________________________________ 5.Credits -CVE-2013-3542, CVE-2013-3962 and CVE-2013-3963 were discovered by Jon\xe1s Ropero Castillo. 6.Report Timeline -2013-05-31: Students opens a ticket in order to notify the Grandstream Customer Support of the CVE-2013-3542. -2013-05-31: Grandstream team reports to the technical support to analyze the vulnerability. -2013-06-11: Students opens a ticket in order to notify the Grandstream Customer Support of the CVE-2013-3962 and CVE-2013-3963 vulnerabilities. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201308-05 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: High Title: Wireshark: Multiple vulnerabilities Date: August 28, 2013 Bugs: #398549, #427964, #431572, #433990, #470262, #472762, #478694 ID: 201308-05 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been found in Wireshark, allowing remote attackers to execute arbitrary code or cause Denial of Service. Background ========== Wireshark is a versatile network protocol analyzer. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 net-analyzer/wireshark < 1.10.1 >= 1.10.1 *>= 1.8.9 Description =========== Multiple vulnerabilities have been discovered in Wireshark. Please review the CVE identifiers referenced below for details. Impact ====== A remote attacker could possibly execute arbitrary code with the privileges of the process or cause a Denial of Service condition. Workaround ========== There is no known workaround at this time. Resolution ========== All Wireshark 1.10 users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=net-analyzer/wireshark-1.10.1" All Wireshark 1.8 users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=net-analyzer/wireshark-1.8.9" References ========== [ 1 ] CVE-2012-0041 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0041 [ 2 ] CVE-2012-0042 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0042 [ 3 ] CVE-2012-0043 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0043 [ 4 ] CVE-2012-0066 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0066 [ 5 ] CVE-2012-0067 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0067 [ 6 ] CVE-2012-0068 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0068 [ 7 ] CVE-2012-3548 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3548 [ 8 ] CVE-2012-4048 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4048 [ 9 ] CVE-2012-4049 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4049 [ 10 ] CVE-2012-4285 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4285 [ 11 ] CVE-2012-4286 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4286 [ 12 ] CVE-2012-4287 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4287 [ 13 ] CVE-2012-4288 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4288 [ 14 ] CVE-2012-4289 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4289 [ 15 ] CVE-2012-4290 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4290 [ 16 ] CVE-2012-4291 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4291 [ 17 ] CVE-2012-4292 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4292 [ 18 ] CVE-2012-4293 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4293 [ 19 ] CVE-2012-4294 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4294 [ 20 ] CVE-2012-4295 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4295 [ 21 ] CVE-2012-4296 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4296 [ 22 ] CVE-2012-4297 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4297 [ 23 ] CVE-2012-4298 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4298 [ 24 ] CVE-2013-3540 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3540 [ 25 ] CVE-2013-3541 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3541 [ 26 ] CVE-2013-3542 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3542 [ 27 ] CVE-2013-3555 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3555 [ 28 ] CVE-2013-3556 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3556 [ 29 ] CVE-2013-3557 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3557 [ 30 ] CVE-2013-3558 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3558 [ 31 ] CVE-2013-3559 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3559 [ 32 ] CVE-2013-4074 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4074 [ 33 ] CVE-2013-4075 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4075 [ 34 ] CVE-2013-4076 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4076 [ 35 ] CVE-2013-4077 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4077 [ 36 ] CVE-2013-4078 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4078 [ 37 ] CVE-2013-4079 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4079 [ 38 ] CVE-2013-4080 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4080 [ 39 ] CVE-2013-4081 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4081 [ 40 ] CVE-2013-4082 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4082 [ 41 ] CVE-2013-4083 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4083 [ 42 ] CVE-2013-4920 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4920 [ 43 ] CVE-2013-4921 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4921 [ 44 ] CVE-2013-4922 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4922 [ 45 ] CVE-2013-4923 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4923 [ 46 ] CVE-2013-4924 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4924 [ 47 ] CVE-2013-4925 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4925 [ 48 ] CVE-2013-4926 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4926 [ 49 ] CVE-2013-4927 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4927 [ 50 ] CVE-2013-4928 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4928 [ 51 ] CVE-2013-4929 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4929 [ 52 ] CVE-2013-4930 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4930 [ 53 ] CVE-2013-4931 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4931 [ 54 ] CVE-2013-4932 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4932 [ 55 ] CVE-2013-4933 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4933 [ 56 ] CVE-2013-4934 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4934 [ 57 ] CVE-2013-4935 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4935 [ 58 ] CVE-2013-4936 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4936 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-201308-05.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2013 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5

Trust: 2.7

sources: NVD: CVE-2013-3542 // JVNDB: JVNDB-2013-007004 // CNVD: CNVD-2013-08565 // BID: 60535 // VULMON: CVE-2013-3542 // PACKETSTORM: 122004 // PACKETSTORM: 122983

IOT TAXONOMY

category:	['Network device']	sub_category:	-	Trust: 0.6
category:	['camera device']	sub_category:	camera	Trust: 0.1

sources: OTHER: None // CNVD: CNVD-2013-08565

AFFECTED PRODUCTS

vendor:	grandstream	model:	gxv3501	scope:	eq	version:	1.0.4.11	Trust: 1.8
vendor:	grandstream	model:	gxv3504	scope:	eq	version:	1.0.4.11	Trust: 1.8
vendor:	grandstream	model:	gxv3601	scope:	eq	version:	1.0.4.11	Trust: 1.8
vendor:	grandstream	model:	gxv3601hd	scope:	eq	version:	1.0.4.11	Trust: 1.8
vendor:	grandstream	model:	gxv3601ll	scope:	eq	version:	1.0.4.11	Trust: 1.8
vendor:	grandstream	model:	gxv3611ll	scope:	eq	version:	1.0.4.11	Trust: 1.8
vendor:	grandstream	model:	gxv3615p	scope:	eq	version:	1.0.4.11	Trust: 1.8
vendor:	grandstream	model:	gxv3615w	scope:	eq	version:	1.0.4.11	Trust: 1.8
vendor:	grandstream	model:	gxv3651fhd	scope:	eq	version:	1.0.4.11	Trust: 1.8
vendor:	grandstream	model:	gxv3615wp hd	scope:	eq	version:	1.0.4.11	Trust: 1.0
vendor:	grandstream	model:	gxv3611hd	scope:	eq	version:	1.0.4.11	Trust: 1.0
vendor:	grandstream	model:	gxv3662hd	scope:	eq	version:	1.0.4.11	Trust: 1.0
vendor:	grandstream	model:	gxv3500	scope:	eq	version:	1.0.4.11	Trust: 1.0
vendor:	grandstream	model:	gxv3611 hd	scope:	eq	version:	1.0.4.11	Trust: 0.8
vendor:	grandstream	model:	gxv3501 gxv3504 ip video encoders	scope:	eq	version:	/	Trust: 0.6
vendor:	grandstream	model:	gxv3500 ip video encoder/decoder	scope:	-	version:	-	Trust: 0.6
vendor:	grandstream	model:	gxv series ip cameras	scope:	-	version:	-	Trust: 0.6

sources: CNVD: CNVD-2013-08565 // JVNDB: JVNDB-2013-007004 // NVD: CVE-2013-3542

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2013-3542
value:	CRITICAL
Trust: 1.0
NVD:	CVE-2013-3542
value:	CRITICAL
Trust: 0.8
CNVD:	CNVD-2013-08565
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-201306-261
value:	CRITICAL
Trust: 0.6
VULMON:	CVE-2013-3542
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2013-3542
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
CNVD:	CNVD-2013-08565
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

nvd@nist.gov:	CVE-2013-3542
baseSeverity:	CRITICAL
baseScore:	10.0
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	6.0
version:	3.1
Trust: 1.0
NVD:	CVE-2013-3542
baseSeverity:	CRITICAL
baseScore:	10.0
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: CNVD: CNVD-2013-08565 // VULMON: CVE-2013-3542 // JVNDB: JVNDB-2013-007004 // CNNVD: CNNVD-201306-261 // NVD: CVE-2013-3542

PROBLEMTYPE DATA

problemtype:

CWE-798

Trust: 1.8

sources: JVNDB: JVNDB-2013-007004 // NVD: CVE-2013-3542

THREAT TYPE

remote

Trust: 0.7

sources: PACKETSTORM: 122983 // CNNVD: CNNVD-201306-261

TYPE

trust management problem

Trust: 0.6

sources: CNNVD: CNNVD-201306-261

CONFIGURATIONS

sources: JVNDB: JVNDB-2013-007004

PATCH

title:

Top Page

url:

http://www.grandstream.com/

Trust: 0.8

sources: JVNDB: JVNDB-2013-007004

EXTERNAL IDS

db:	NVD	id:	CVE-2013-3542	Trust: 3.1
db:	JVNDB	id:	JVNDB-2013-007004	Trust: 0.8
db:	PACKETSTORM	id:	122004	Trust: 0.7
db:	SECUNIA	id:	53763	Trust: 0.6
db:	CNVD	id:	CNVD-2013-08565	Trust: 0.6
db:	CNNVD	id:	CNNVD-201306-261	Trust: 0.6
db:	BID	id:	60535	Trust: 0.4
db:	OTHER	id:	NONE	Trust: 0.1
db:	VULMON	id:	CVE-2013-3542	Trust: 0.1
db:	PACKETSTORM	id:	122983	Trust: 0.1

sources: OTHER: None // CNVD: CNVD-2013-08565 // VULMON: CVE-2013-3542 // BID: 60535 // JVNDB: JVNDB-2013-007004 // PACKETSTORM: 122004 // PACKETSTORM: 122983 // CNNVD: CNNVD-201306-261 // NVD: CVE-2013-3542

REFERENCES

url:	http://seclists.org/fulldisclosure/2013/jun/84	Trust: 2.5
url:	https://www.youtube.com/watch?v=xkcbs4lenhi	Trust: 1.7
url:	https://nvd.nist.gov/vuln/detail/cve-2013-3542	Trust: 1.6
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-3542	Trust: 0.8
url:	http://www.secunia.com/advisories/53763/	Trust: 0.6
url:	http://packetstormsecurity.com/files/122004/grandstream-backdoor-cross-site-request-forgery-cross-site-scripting.html	Trust: 0.6
url:	https://ieeexplore.ieee.org/abstract/document/10769424	Trust: 0.1
url:	https://cwe.mitre.org/data/definitions/798.html	Trust: 0.1
url:	https://www.securityfocus.com/bid/60535	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2013-3963	Trust: 0.1
url:	http://xx.xx.xx.xx/<script>alert(123)</script>	Trust: 0.1
url:	http://xx.xx.xx.xx/goform/usermanage?cmd=add&user.name=test3&user.password=test3&user.level=0	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2013-3962	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-4933	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4288	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2013-3541	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4049	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2012-4292	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2012-0066	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-4081	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4292	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2012-0068	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-4922	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2012-4298	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4289	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4296	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0042	Trust: 0.1
url:	http://creativecommons.org/licenses/by-sa/2.5	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4293	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2012-0043	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2013-3540	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-4924	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-4078	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4297	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-4932	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2012-4287	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-4080	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-4082	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0041	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4287	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-4931	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3556	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0043	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2012-3548	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2012-4048	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-4928	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2012-0042	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2012-4285	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0067	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4291	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0068	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-4083	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-4936	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-4926	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3548	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-4923	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-4920	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4286	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3558	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-4927	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-4935	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-4074	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2013-3556	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2012-4295	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2012-4294	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4048	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4295	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2012-4286	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-4077	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2012-4291	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3555	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-4929	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-4921	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3559	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3557	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4285	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2012-4049	Trust: 0.1
url:	http://security.gentoo.org/glsa/glsa-201308-05.xml	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2012-4289	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4290	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3542	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2012-0041	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4294	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-4076	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-4925	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-4934	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2012-4290	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-4075	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2012-4296	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2013-3555	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3540	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-4930	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2012-0067	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4298	Trust: 0.1
url:	http://security.gentoo.org/	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0066	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3541	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2012-4293	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2012-4288	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2012-4297	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-4079	Trust: 0.1
url:	https://bugs.gentoo.org.	Trust: 0.1

sources: OTHER: None // CNVD: CNVD-2013-08565 // VULMON: CVE-2013-3542 // JVNDB: JVNDB-2013-007004 // PACKETSTORM: 122004 // PACKETSTORM: 122983 // CNNVD: CNNVD-201306-261 // NVD: CVE-2013-3542

CREDITS

Jon??s Ropero Castillo.

Trust: 0.6

sources: CNNVD: CNNVD-201306-261

SOURCES

db:	OTHER	id:	-
db:	CNVD	id:	CNVD-2013-08565
db:	VULMON	id:	CVE-2013-3542
db:	BID	id:	60535
db:	JVNDB	id:	JVNDB-2013-007004
db:	PACKETSTORM	id:	122004
db:	PACKETSTORM	id:	122983
db:	CNNVD	id:	CNNVD-201306-261
db:	NVD	id:	CVE-2013-3542

LAST UPDATE DATE

2025-01-30T20:39:37.862000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2013-08565	date:	2013-07-03T00:00:00
db:	VULMON	id:	CVE-2013-3542	date:	2019-12-19T00:00:00
db:	BID	id:	60535	date:	2013-08-30T00:13:00
db:	JVNDB	id:	JVNDB-2013-007004	date:	2019-12-25T00:00:00
db:	CNNVD	id:	CNNVD-201306-261	date:	2019-12-26T00:00:00
db:	NVD	id:	CVE-2013-3542	date:	2024-11-21T01:53:51.560

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2013-08565	date:	2013-07-02T00:00:00
db:	VULMON	id:	CVE-2013-3542	date:	2019-12-11T00:00:00
db:	BID	id:	60535	date:	2013-06-12T00:00:00
db:	JVNDB	id:	JVNDB-2013-007004	date:	2019-12-25T00:00:00
db:	PACKETSTORM	id:	122004	date:	2013-06-13T06:12:41
db:	PACKETSTORM	id:	122983	date:	2013-08-29T02:49:21
db:	CNNVD	id:	CNNVD-201306-261	date:	2013-06-20T00:00:00
db:	NVD	id:	CVE-2013-3542	date:	2019-12-11T19:15:11.407