cvelistv5 - cve-2013-6958

CVE-2013-6958 (GCVE-0-2013-6958)

Vulnerability from cvelistv5

Published

2013-12-13 18:00

Modified

2024-08-06 17:53

Severity ?

CWE

Summary

Juniper NetScreen Firewall running ScreenOS 5.4, 6.2, or 6.3, when the Ping of Death screen is disabled, allows remote attackers to cause a denial of service via a crafted packet.

References

URL

	Vendor	Product	Version
	n/a	n/a	Version: n/a

gsd-2013-6958

Vulnerability from gsd

Modified

2023-12-13 01:22

Details

Juniper NetScreen Firewall running ScreenOS 5.4, 6.2, or 6.3, when the Ping of Death screen is disabled, allows remote attackers to cause a denial of service via a crafted packet.

Aliases

CVE-2013-6958

Aliases

CVE-2013-6958

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2013-6958",
    "description": "Juniper NetScreen Firewall running ScreenOS 5.4, 6.2, or 6.3, when the Ping of Death screen is disabled, allows remote attackers to cause a denial of service via a crafted packet.",
    "id": "GSD-2013-6958"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2013-6958"
      ],
      "details": "Juniper NetScreen Firewall running ScreenOS 5.4, 6.2, or 6.3, when the Ping of Death screen is disabled, allows remote attackers to cause a denial of service via a crafted packet.",
      "id": "GSD-2013-6958",
      "modified": "2023-12-13T01:22:19.169809Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2013-6958",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Juniper NetScreen Firewall running ScreenOS 5.4, 6.2, or 6.3, when the Ping of Death screen is disabled, allows remote attackers to cause a denial of service via a crafted packet."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "JVNDB-2013-000119",
            "refsource": "JVNDB",
            "url": "http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-000119.html"
          },
          {
            "name": "100861",
            "refsource": "OSVDB",
            "url": "http://osvdb.org/100861"
          },
          {
            "name": "1029490",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id/1029490"
          },
          {
            "name": "https://kb.juniper.net/JSA10604",
            "refsource": "CONFIRM",
            "url": "https://kb.juniper.net/JSA10604"
          },
          {
            "name": "JVN#28436508",
            "refsource": "JVN",
            "url": "http://jvn.jp/en/jp/JVN28436508/index.html"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:screenos:6.3.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:screenos:6.2.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:screenos:5.4.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:netscreen-5200:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:netscreen-5400:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2013-6958"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Juniper NetScreen Firewall running ScreenOS 5.4, 6.2, or 6.3, when the Ping of Death screen is disabled, allows remote attackers to cause a denial of service via a crafted packet."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-noinfo"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "100861",
              "refsource": "OSVDB",
              "tags": [],
              "url": "http://osvdb.org/100861"
            },
            {
              "name": "https://kb.juniper.net/JSA10604",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://kb.juniper.net/JSA10604"
            },
            {
              "name": "JVN#28436508",
              "refsource": "JVN",
              "tags": [],
              "url": "http://jvn.jp/en/jp/JVN28436508/index.html"
            },
            {
              "name": "JVNDB-2013-000119",
              "refsource": "JVNDB",
              "tags": [],
              "url": "http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-000119.html"
            },
            {
              "name": "1029490",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id/1029490"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.1,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 6.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2014-01-04T04:51Z",
      "publishedDate": "2013-12-13T18:07Z"
    }
  }
}

De multiples vulnérabilités ont été corrigées dans les produits Juniper. Elles permettent à un attaquant de provoquer un déni de service à distance et une injection de code indirecte à distance (XSS).

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Pulse Secure	N/A	Juniper Junos Pulse Secure Access Service (IVE) versions antérieures à 7.3r8
Pulse Secure	N/A	Juniper Junos Pulse Secure Access Service (IVE) versions antérieures à 7.1r17
Juniper Networks	N/A	Juniper Networks IDP versions 5.1 et antérieures
Pulse Secure	N/A	Juniper Junos Pulse Secure Access Service (IVE) versions antérieures à 8.0r1
N/A	N/A	Juniper ScreenOS versions 6.2 et antérieures
Pulse Secure	N/A	Juniper Junos Pulse Secure Access Service (IVE) versions antérieures à 7.4r6
N/A	N/A	Juniper ScreenOS versions 6.3 et antérieures
N/A	N/A	Juniper ScreenOS versions 5.4 et antérieures

References

Title

Publication Time

fkie_cve-2013-6958

Vulnerability from fkie_nvd

Published

2013-12-13 18:07

Modified

2025-04-11 00:51

Severity ?

Summary

Juniper NetScreen Firewall running ScreenOS 5.4, 6.2, or 6.3, when the Ping of Death screen is disabled, allows remote attackers to cause a denial of service via a crafted packet.

References

URL	Tags
cve@mitre.org	http://jvn.jp/en/jp/JVN28436508/index.html
cve@mitre.org	http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-000119.html
cve@mitre.org	http://osvdb.org/100861
cve@mitre.org	http://www.securitytracker.com/id/1029490
cve@mitre.org	https://kb.juniper.net/JSA10604	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://jvn.jp/en/jp/JVN28436508/index.html
af854a3a-2127-422b-91ae-364da2661108	http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-000119.html
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/100861
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1029490
af854a3a-2127-422b-91ae-364da2661108	https://kb.juniper.net/JSA10604	Vendor Advisory

Impacted products

Vendor	Product	Version
juniper	screenos	5.4.0
juniper	screenos	6.2.0
juniper	screenos	6.3.0
juniper	netscreen-5200	-
juniper	netscreen-5400	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:juniper:screenos:5.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF9D20BE-9AA1-44E2-B4C3-90A873B2329F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:screenos:6.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "452D480D-92EC-4491-B669-CCB9106B246B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:screenos:6.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2F484AD-901C-4D4E-81D0-41C177A73246",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:juniper:netscreen-5200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A658500D-84C8-4F33-9AD3-2DF76DC41459",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:juniper:netscreen-5400:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F2B4E7A-30F3-488E-A685-7CBF998C7E9F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Juniper NetScreen Firewall running ScreenOS 5.4, 6.2, or 6.3, when the Ping of Death screen is disabled, allows remote attackers to cause a denial of service via a crafted packet."
    },
    {
      "lang": "es",
      "value": "Juniper NetScreen Firewall corriendo ScreenOS 5.4, 6.2 o 6.3, cuando la pantalla Ping of Dead est\u00e1 deshabilitada, permite a atacantes remotos causar una denegaci\u00f3n de servico a trav\u00e9s de un paquete manipulado."
    }
  ],
  "id": "CVE-2013-6958",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.1,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2013-12-13T18:07:54.437",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://jvn.jp/en/jp/JVN28436508/index.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-000119.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/100861"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id/1029490"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://kb.juniper.net/JSA10604"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://jvn.jp/en/jp/JVN28436508/index.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-000119.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/100861"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1029490"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://kb.juniper.net/JSA10604"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

ghsa-9vr7-72gc-v2wj

Vulnerability from github

Published

2022-05-17 04:55

Modified

2022-05-17 04:55

Details

Juniper NetScreen Firewall running ScreenOS 5.4, 6.2, or 6.3, when the Ping of Death screen is disabled, allows remote attackers to cause a denial of service via a crafted packet.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2013-6958"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2013-12-13T18:07:00Z",
    "severity": "HIGH"
  },
  "details": "Juniper NetScreen Firewall running ScreenOS 5.4, 6.2, or 6.3, when the Ping of Death screen is disabled, allows remote attackers to cause a denial of service via a crafted packet.",
  "id": "GHSA-9vr7-72gc-v2wj",
  "modified": "2022-05-17T04:55:07Z",
  "published": "2022-05-17T04:55:07Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-6958"
    },
    {
      "type": "WEB",
      "url": "https://kb.juniper.net/JSA10604"
    },
    {
      "type": "WEB",
      "url": "http://jvn.jp/en/jp/JVN28436508/index.html"
    },
    {
      "type": "WEB",
      "url": "http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-000119.html"
    },
    {
      "type": "WEB",
      "url": "http://osvdb.org/100861"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1029490"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

var-201312-0247

Vulnerability from variot

Juniper NetScreen Firewall running ScreenOS 5.4, 6.2, or 6.3, when the Ping of Death screen is disabled, allows remote attackers to cause a denial of service via a crafted packet. ScreenOS provided by Juniper Networks contains a denial-of-service (DoS) vulnerability. Shuichiro Suzuki of FFRI, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.When processing a malicious packet, the device may hang. ScreenOS is prone to an unspecified denial-of-service vulnerability. Successful exploits may allow the attacker to cause denial-of-service conditions. ScreenOS 5.4, 6.2.0, and 6.3.0 are vulnerable. Juniper Networks NetScreen Firewall running Juniper ScreenOS is an operating system of Juniper Networks (Juniper Networks) that runs on NetScreen series firewalls. ############################################################## FFRI, Inc.

=== Reference === CVE No. : CVE-2013-6958 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6958

Mozilla Foundation Security Advisory : https://www.mozilla.org/security/announce/2013/mfsa2013-33.html

FFRI Advisory URL: http://www.ffri.jp/cgi-bin/advisory/advisory.cgi?type=release&id=FFRRA-20131213

=== About FFRI === FFRI is a leading security products and service vendor in Japan providing innovative security software and vulnerability research information. Our commitment is to secure our IT-driven society by protecting information system from unpredictable threats.

http://www.ffri.jp research-feedback@ffri.jp

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201312-0247",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "screenos",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "juniper",
        "version": "6.2.0"
      },
      {
        "model": "screenos",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "juniper",
        "version": "6.3.0"
      },
      {
        "model": "screenos",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "juniper",
        "version": "5.4.0"
      },
      {
        "model": "netscreen-5400",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "netscreen-5200",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "screenos",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "juniper",
        "version": "version 5.4 (ns 5gt only)"
      },
      {
        "model": "screenos",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "juniper",
        "version": "version 6.2"
      },
      {
        "model": "screenos",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "juniper",
        "version": "version 6.3"
      },
      {
        "model": "networks screenos",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "juniper",
        "version": "5.4"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "64260"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-000119"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201312-308"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-6958"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/o:juniper:screenos",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-000119"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Shuichiro Suzuki of FFRI, Inc",
    "sources": [
      {
        "db": "BID",
        "id": "64260"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2013-6958",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.1,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.6,
            "id": "CVE-2013-6958",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "HIGH",
            "trust": 1.0,
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "None",
            "author": "IPA",
            "availabilityImpact": "Complete",
            "baseScore": 7.8,
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "JVNDB-2013-000119",
            "impactScore": null,
            "integrityImpact": "None",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "High",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.1,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.6,
            "id": "VHN-66960",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:M/AU:N/C:N/I:N/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2013-6958",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "IPA",
            "id": "JVNDB-2013-000119",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201312-308",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-66960",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-66960"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-000119"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201312-308"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-6958"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Juniper NetScreen Firewall running ScreenOS 5.4, 6.2, or 6.3, when the Ping of Death screen is disabled, allows remote attackers to cause a denial of service via a crafted packet. ScreenOS provided by Juniper Networks contains a denial-of-service (DoS) vulnerability. Shuichiro Suzuki of FFRI, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.When processing a malicious packet, the device may hang. ScreenOS is prone to an unspecified denial-of-service vulnerability. \nSuccessful exploits may allow the attacker to cause denial-of-service conditions. \nScreenOS 5.4, 6.2.0, and 6.3.0 are vulnerable. Juniper Networks NetScreen Firewall running Juniper ScreenOS is an operating system of Juniper Networks (Juniper Networks) that runs on NetScreen series firewalls. ##############################################################\n   FFRI, Inc. \n\n=== Reference ===\nCVE No. : CVE-2013-6958\nhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6958\n\nMozilla Foundation Security Advisory :\nhttps://www.mozilla.org/security/announce/2013/mfsa2013-33.html\n\nFFRI Advisory URL:\nhttp://www.ffri.jp/cgi-bin/advisory/advisory.cgi?type=release\u0026id=FFRRA-20131213\n\n=== About FFRI ===\nFFRI is a leading security products and service vendor in Japan \nproviding innovative security software and vulnerability research \ninformation. Our commitment is to secure our IT-driven society by\nprotecting information system from unpredictable threats. \n\nhttp://www.ffri.jp\nresearch-feedback@ffri.jp\n\n=== Copyright ===\n2007 - 2014 FFRI, Inc. All rights reserved",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2013-6958"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-000119"
      },
      {
        "db": "BID",
        "id": "64260"
      },
      {
        "db": "VULHUB",
        "id": "VHN-66960"
      },
      {
        "db": "PACKETSTORM",
        "id": "124903"
      }
    ],
    "trust": 2.07
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2013-6958",
        "trust": 2.9
      },
      {
        "db": "JVN",
        "id": "JVN28436508",
        "trust": 1.9
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-000119",
        "trust": 1.9
      },
      {
        "db": "OSVDB",
        "id": "100861",
        "trust": 1.7
      },
      {
        "db": "JUNIPER",
        "id": "JSA10604",
        "trust": 1.7
      },
      {
        "db": "SECTRACK",
        "id": "1029490",
        "trust": 1.1
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201312-308",
        "trust": 0.7
      },
      {
        "db": "SECUNIA",
        "id": "56086",
        "trust": 0.6
      },
      {
        "db": "SECUNIA",
        "id": "56089",
        "trust": 0.6
      },
      {
        "db": "BID",
        "id": "64260",
        "trust": 0.4
      },
      {
        "db": "PACKETSTORM",
        "id": "124903",
        "trust": 0.2
      },
      {
        "db": "SEEBUG",
        "id": "SSVID-61109",
        "trust": 0.1
      },
      {
        "db": "VULHUB",
        "id": "VHN-66960",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-66960"
      },
      {
        "db": "BID",
        "id": "64260"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-000119"
      },
      {
        "db": "PACKETSTORM",
        "id": "124903"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201312-308"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-6958"
      }
    ]
  },
  "id": "VAR-201312-0247",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-66960"
      }
    ],
    "trust": 0.725
  },
  "last_update_date": "2024-11-23T22:42:39.012000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "2013-12 Security Bulletin: NetScreen Firewall: Crafted packet can cause denial of service (CVE-2013-6958)",
        "trust": 0.8,
        "url": "http://kb.juniper.net/JSA10604"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-000119"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-noinfo",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2013-6958"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.9,
        "url": "http://jvn.jp/en/jp/jvn28436508/index.html"
      },
      {
        "trust": 1.7,
        "url": "https://kb.juniper.net/jsa10604"
      },
      {
        "trust": 1.7,
        "url": "http://osvdb.org/100861"
      },
      {
        "trust": 1.1,
        "url": "http://jvndb.jvn.jp/ja/contents/2013/jvndb-2013-000119.html"
      },
      {
        "trust": 1.1,
        "url": "http://www.securitytracker.com/id/1029490"
      },
      {
        "trust": 0.9,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-6958"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-6958"
      },
      {
        "trust": 0.6,
        "url": "http://secunia.com/advisories/56086"
      },
      {
        "trust": 0.6,
        "url": "http://secunia.com/advisories/56089"
      },
      {
        "trust": 0.3,
        "url": "http://www.juniper.net/"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-6958"
      },
      {
        "trust": 0.1,
        "url": "http://www.ffri.jp/cgi-bin/advisory/advisory.cgi?type=release\u0026id=ffrra-20131213"
      },
      {
        "trust": 0.1,
        "url": "https://www.mozilla.org/security/announce/2013/mfsa2013-33.html"
      },
      {
        "trust": 0.1,
        "url": "http://www.ffri.jp"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-66960"
      },
      {
        "db": "BID",
        "id": "64260"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-000119"
      },
      {
        "db": "PACKETSTORM",
        "id": "124903"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201312-308"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-6958"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-66960"
      },
      {
        "db": "BID",
        "id": "64260"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-000119"
      },
      {
        "db": "PACKETSTORM",
        "id": "124903"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201312-308"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-6958"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2013-12-13T00:00:00",
        "db": "VULHUB",
        "id": "VHN-66960"
      },
      {
        "date": "2013-12-12T00:00:00",
        "db": "BID",
        "id": "64260"
      },
      {
        "date": "2013-12-13T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2013-000119"
      },
      {
        "date": "2014-01-23T00:22:22",
        "db": "PACKETSTORM",
        "id": "124903"
      },
      {
        "date": "2013-12-17T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201312-308"
      },
      {
        "date": "2013-12-13T18:07:54.437000",
        "db": "NVD",
        "id": "CVE-2013-6958"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2014-01-04T00:00:00",
        "db": "VULHUB",
        "id": "VHN-66960"
      },
      {
        "date": "2014-01-22T17:45:00",
        "db": "BID",
        "id": "64260"
      },
      {
        "date": "2013-12-18T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2013-000119"
      },
      {
        "date": "2013-12-17T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201312-308"
      },
      {
        "date": "2024-11-21T02:00:03.410000",
        "db": "NVD",
        "id": "CVE-2013-6958"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201312-308"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Juniper ScreenOS vulnerable to denial-of-service (DoS)",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-000119"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "lack of information",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201312-308"
      }
    ],
    "trust": 0.6
  }
}

cve-2013-6958

Vulnerability from jvndb

Published

2013-12-13 12:23

Modified

2013-12-18 15:23

Severity ?

() - -

Summary

Juniper ScreenOS vulnerable to denial-of-service (DoS)

Details

ScreenOS provided by Juniper Networks contains a denial-of-service (DoS) vulnerability. Shuichiro Suzuki of FFRI, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

References

Type

URL

	JVN	https://jvn.jp/en/jp/JVN28436508/index.html
	CVE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6958
	NVD	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6958
	No Mapping(CWE-noinfo)	https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html

Impacted products

Vendor

Product

Juniper Networks, Inc.

ScreenOS

Show details on JVN DB website

JSON

To clipboard

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2013/JVNDB-2013-000119.html",
  "dc:date": "2013-12-18T15:23+09:00",
  "dcterms:issued": "2013-12-13T12:23+09:00",
  "dcterms:modified": "2013-12-18T15:23+09:00",
  "description": "ScreenOS provided by Juniper Networks contains a denial-of-service (DoS) vulnerability.\r\n\r\nShuichiro Suzuki of FFRI, Inc. reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
  "link": "https://jvndb.jvn.jp/en/contents/2013/JVNDB-2013-000119.html",
  "sec:cpe": {
    "#text": "cpe:/o:juniper:screenos",
    "@product": "ScreenOS",
    "@vendor": "Juniper Networks, Inc.",
    "@version": "2.2"
  },
  "sec:cvss": {
    "@score": "7.8",
    "@severity": "High",
    "@type": "Base",
    "@vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
    "@version": "2.0"
  },
  "sec:identifier": "JVNDB-2013-000119",
  "sec:references": [
    {
      "#text": "https://jvn.jp/en/jp/JVN28436508/index.html",
      "@id": "JVN#28436508",
      "@source": "JVN"
    },
    {
      "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6958",
      "@id": "CVE-2013-6958",
      "@source": "CVE"
    },
    {
      "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6958",
      "@id": "CVE-2013-6958",
      "@source": "NVD"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-noinfo",
      "@title": "No Mapping(CWE-noinfo)"
    }
  ],
  "title": "Juniper ScreenOS vulnerable to denial-of-service (DoS)"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2013-6958 (GCVE-0-2013-6958)

Vulnerability from cvelistv5

gsd-2013-6958

Vulnerability from gsd

CERTA-2013-AVI-674

Vulnerability from certfr_avis

Solution

fkie_cve-2013-6958

Vulnerability from fkie_nvd

ghsa-9vr7-72gc-v2wj

Vulnerability from github

var-201312-0247

Vulnerability from variot

cve-2013-6958

Vulnerability from jvndb

Tags

Sightings

Nomenclature