CVE-2013-6015

Juniper Junos before 10.4S14, 11.4 before 11.4R5-S2, 12.1R before 12.1R3, 12.1X44 before 12.1X44-D20, and 12.1X45 before 12.1X45-D15 on SRX Series services gateways, when a plugin using TCP proxy is configured, allows remote attackers to cause a denial of service (flow daemon crash) via an unspecified sequence of TCP packets.

CVSS v2.0 4.3 MEDIUM

4.3^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:M/Au:N/C:N/I:N/A:P

Exploitability : 8.6 / Impact : 2.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References

Link	Resource
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10596	Vendor Advisory
http://osvdb.org/98368
http://secunia.com/advisories/55218	Vendor Advisory
http://www.securitytracker.com/id/1029177
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10596	Vendor Advisory
http://osvdb.org/98368
http://secunia.com/advisories/55218	Vendor Advisory
http://www.securitytracker.com/id/1029177

Configurations

Configuration 1 (hide)

AND

OR	cpe:2.3:o:juniper:junos::::::::
	cpe:2.3:o:juniper:junos:4.0:::::::*
	cpe:2.3:o:juniper:junos:4.1:::::::*
	cpe:2.3:o:juniper:junos:4.2:::::::*
	cpe:2.3:o:juniper:junos:4.3:::::::*
	cpe:2.3:o:juniper:junos:4.4:::::::*
	cpe:2.3:o:juniper:junos:5.0:::::::*
	cpe:2.3:o:juniper:junos:5.1:::::::*
	cpe:2.3:o:juniper:junos:5.2:::::::*
	cpe:2.3:o:juniper:junos:5.3:::::::*
	cpe:2.3:o:juniper:junos:5.4:::::::*
	cpe:2.3:o:juniper:junos:5.5:::::::*
	cpe:2.3:o:juniper:junos:5.6:::::::*
	cpe:2.3:o:juniper:junos:5.7:::::::*
	cpe:2.3:o:juniper:junos:6.0:::::::*
	cpe:2.3:o:juniper:junos:6.1:::::::*
	cpe:2.3:o:juniper:junos:6.2:::::::*
	cpe:2.3:o:juniper:junos:6.3:::::::*
	cpe:2.3:o:juniper:junos:6.4:::::::*
	cpe:2.3:o:juniper:junos:7.0:::::::*
	cpe:2.3:o:juniper:junos:7.1:::::::*
	cpe:2.3:o:juniper:junos:7.2:::::::*
	cpe:2.3:o:juniper:junos:7.3:::::::*
	cpe:2.3:o:juniper:junos:7.4:::::::*
	cpe:2.3:o:juniper:junos:7.5:::::::*
	cpe:2.3:o:juniper:junos:7.6:::::::*
	cpe:2.3:o:juniper:junos:8.0:::::::*
	cpe:2.3:o:juniper:junos:8.1:::::::*
	cpe:2.3:o:juniper:junos:8.2:::::::*
	cpe:2.3:o:juniper:junos:8.3:::::::*
	cpe:2.3:o:juniper:junos:8.4:::::::*
	cpe:2.3:o:juniper:junos:9.0:::::::*
	cpe:2.3:o:juniper:junos:9.1:::::::*
	cpe:2.3:o:juniper:junos:9.2:::::::*
	cpe:2.3:o:juniper:junos:9.4:::::::*
	cpe:2.3:o:juniper:junos:9.5:::::::*
	cpe:2.3:o:juniper:junos:9.6:::::::*
	cpe:2.3:o:juniper:junos:11.4:::::::*
	cpe:2.3:o:juniper:junos:12.1:::::::*
	cpe:2.3:o:juniper:junos:12.1x44:::::::*
	cpe:2.3:o:juniper:junos:12.1x45:::::::*

OR	cpe:2.3:h:juniper:srx100:-:::::::*
	cpe:2.3:h:juniper:srx110:-:::::::*
	cpe:2.3:h:juniper:srx1400:-:::::::*
	cpe:2.3:h:juniper:srx210:-:::::::*
	cpe:2.3:h:juniper:srx220:-:::::::*
	cpe:2.3:h:juniper:srx240:-:::::::*
	cpe:2.3:h:juniper:srx3400:-:::::::*
	cpe:2.3:h:juniper:srx3600:-:::::::*
	cpe:2.3:h:juniper:srx550:-:::::::*
	cpe:2.3:h:juniper:srx5600:-:::::::*
	cpe:2.3:h:juniper:srx5800:-:::::::*
	cpe:2.3:h:juniper:srx650:-:::::::*

History

21 Nov 2024, 01:58

Type	Values Removed	Values Added
References	~~() http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10596 - Vendor Advisory~~	() http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10596 - Vendor Advisory
References	~~() http://osvdb.org/98368 -~~	() http://osvdb.org/98368 -
References	~~() http://secunia.com/advisories/55218 - Vendor Advisory~~	() http://secunia.com/advisories/55218 - Vendor Advisory
References	~~() http://www.securitytracker.com/id/1029177 -~~	() http://www.securitytracker.com/id/1029177 -

Information

Published : 2013-10-17 23:55

Updated : 2024-11-21 01:58

NVD link : CVE-2013-6015

Mitre link : CVE-2013-6015

CVE.ORG link : CVE-2013-6015

JSON object : View

Products Affected

juniper

srx100
srx1400
srx220
srx3400
srx110
srx3600
srx240
srx650
srx210
junos
srx5600
srx5800
srx550

CWE

CWE-20

Improper Input Validation

4.3 /10