fkie_cve-2013-6013
Vulnerability from fkie_nvd
Published
2013-10-17 23:55
Modified
2025-04-11 00:51
Severity ?
Summary
Buffer overflow in the flow daemon (flowd) in Juniper Junos 10.4 before 10.4S14, 11.4 before 11.4R7-S2, 12.1.X44 before 12.1X44-D15, 12.1X45 before 12.1X45-D10 on SRX devices, when using telnet pass-through authentication on the firewall, might allow remote attackers to execute arbitrary code via a crafted telnet message.
References
cve@mitre.orghttp://kb.juniper.net/InfoCenter/index?page=content&id=JSA10594Vendor Advisory
cve@mitre.orghttp://osvdb.org/98369
cve@mitre.orghttp://secunia.com/advisories/55109Vendor Advisory
cve@mitre.orghttp://www.securityfocus.com/bid/62962
cve@mitre.orghttp://www.securitytracker.com/id/1029175
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/87847
af854a3a-2127-422b-91ae-364da2661108http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10594Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/98369
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/55109Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/62962
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1029175
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/87847
Impacted products
Vendor Product Version
juniper junos *
juniper junos 4.0
juniper junos 4.1
juniper junos 4.2
juniper junos 4.3
juniper junos 4.4
juniper junos 5.0
juniper junos 5.1
juniper junos 5.2
juniper junos 5.3
juniper junos 5.4
juniper junos 5.5
juniper junos 5.6
juniper junos 5.7
juniper junos 6.0
juniper junos 6.1
juniper junos 6.2
juniper junos 6.3
juniper junos 6.4
juniper junos 7.0
juniper junos 7.1
juniper junos 7.2
juniper junos 7.3
juniper junos 7.4
juniper junos 7.5
juniper junos 7.6
juniper junos 8.0
juniper junos 8.1
juniper junos 8.2
juniper junos 8.3
juniper junos 8.4
juniper junos 9.0
juniper junos 9.1
juniper junos 9.2
juniper junos 9.4
juniper junos 9.5
juniper junos 9.6
juniper junos 11.4
juniper junos 12.1x44
juniper junos 12.1x45
juniper srx100 -
juniper srx110 -
juniper srx1400 -
juniper srx210 -
juniper srx220 -
juniper srx240 -
juniper srx3400 -
juniper srx3600 -
juniper srx550 -
juniper srx5600 -
juniper srx5800 -
juniper srx650 -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "87B7BB4C-BF3D-4E88-9422-816CB5ECE523",
              "versionEndIncluding": "10.4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD172DD1-A2A1-4A01-9490-D5EE34E82D81",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "59812A01-EED0-4D83-8837-462E51519B91",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "2EC5D0F9-0769-4227-8E77-AC62811DCF4D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "944F82C3-FF55-4658-B620-CE84F414F8A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D9AF7EE-F027-4F38-B33F-C9B4E53C8E38",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C0F33B07-7036-4A13-9B54-D191D8085295",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF54C9B6-F73B-421B-9B2C-A6F46A9C3618",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABFFA914-40DA-44DF-9C51-CBC753659C58",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A9EA5F0-08D8-476B-B3B9-009E5BB0A6B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D815C4FB-9D6B-4DDF-A60A-4BD721D3CB21",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:5.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "658ED891-8E65-44F0-9797-07811AC5243F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:5.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D6D0229-9738-4472-B452-0D93EAEA7446",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:5.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "24DD3017-5939-4EDC-8A9E-A673195B705E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC1B9023-0D1E-456A-8ED5-AF63FA8A7F44",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "78629980-A94C-4E13-86A4-C6CEC686B4B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0131C19D-4AF7-410A-A7C9-6AFD3494A743",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4EA66D3D-A91B-4573-B287-AB73DF17415C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8089D28-839F-45CF-9247-969A9739E685",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3195C856-8C0F-44DA-8DBB-ADD1854F0D66",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "15480017-59ED-446C-9E9C-13D710ABC9E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF1C2CC2-9EA4-4017-BFF7-399FEBA0DE9E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:7.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F443DB8-1E98-4D66-A75D-DCC4716218E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:7.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "E51EBFBB-9236-436F-AC05-C7AFD9452A73",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:7.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "851DD20A-9796-4B06-A9FF-C16D74310156",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:7.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "38C56079-E4AC-4CE2-805D-AB893F82070C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0EE5FF2-A12F-41EF-9A3D-66B471288BF8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB6086F9-431D-4A9D-BBFA-12A3A7FCE317",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C8EFF72-7F38-4B55-B449-F22801D7C18B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:8.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "195D3916-4B92-4A49-8988-20F9B9E9FF34",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:8.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "9AD4416F-E655-4D37-A28E-0623AA031423",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "378472AD-60F1-4A78-8256-DEF52ECB5602",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2DB4226-A4B1-4647-88CA-74AAFA3AE022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD7CAA11-F8FE-4732-A649-B9DD751917F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:9.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F474869-F2AD-4B2A-BF9D-66BAA8F8C3F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:9.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA28B556-9507-44B0-8F52-7FB9CADC74DF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:9.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "135EA92C-6699-4686-8827-30E50C74BB0E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:11.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "41543223-0FA9-4CBE-8DEC-717CE5FFED79",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.1x44:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B307477-C5F2-4D98-AF4C-640D326164C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.1x45:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E747970-4C27-4B46-9163-964252CB98F6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:juniper:srx100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "561C1113-3D59-4DD9-ADA7-3C9ECC4632EC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "78C6D8A0-92D3-4FD3-BCC1-CC7C87B76317",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx1400:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "927EAB8B-EC3B-4B12-85B9-5517EBA49A30",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx210:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD647C15-A686-4C8F-A766-BC29404C0FED",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx220:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "45AB1622-1AED-4CD7-98F1-67779CDFC321",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx240:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "89276D88-3B8D-4168-A2CD-0920297485F2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx3400:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "746C3882-2A5B-4215-B259-EB1FD60C513D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx3600:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDE64EC0-7E42-43AF-A8FA-1A233BD3E3BC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "62FC145A-D477-4C86-89E7-F70F52773801",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "68CA098D-CBE4-4E62-9EC0-43E1B6098710",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "66F474D4-79B6-4525-983C-9A9011BD958B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx650:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8AA424D4-4DBF-4E8C-96B8-E37741B5403E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Buffer overflow in the flow daemon (flowd) in Juniper Junos 10.4 before 10.4S14, 11.4 before 11.4R7-S2, 12.1.X44 before 12.1X44-D15, 12.1X45 before 12.1X45-D10 on SRX devices, when using telnet pass-through authentication on the firewall, might allow remote attackers to execute arbitrary code via a crafted telnet message."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de b\u00fafer en el demonio de flujo (flowd) de Juniper Junos anterior 10.4S14 10.4, 11.4 anterior 11.4R7-S2, 12.1.X44 anterior 12.1X44-D15, anterior 12.1X45 12.1X45-D10 en dispositivos SRX, al usar telnet con autenticaci\u00f3n pass-through   en el firewall, podr\u00eda permitir a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de un mensaje telnet manipulado."
    }
  ],
  "id": "CVE-2013-6013",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2013-10-17T23:55:04.657",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10594"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/98369"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/55109"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/62962"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id/1029175"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/87847"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10594"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/98369"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/55109"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/62962"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1029175"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/87847"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.