var-201312-0247
Vulnerability from variot
Juniper NetScreen Firewall running ScreenOS 5.4, 6.2, or 6.3, when the Ping of Death screen is disabled, allows remote attackers to cause a denial of service via a crafted packet. ScreenOS provided by Juniper Networks contains a denial-of-service (DoS) vulnerability. Shuichiro Suzuki of FFRI, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.When processing a malicious packet, the device may hang. ScreenOS is prone to an unspecified denial-of-service vulnerability. Successful exploits may allow the attacker to cause denial-of-service conditions. ScreenOS 5.4, 6.2.0, and 6.3.0 are vulnerable. Juniper Networks NetScreen Firewall running Juniper ScreenOS is an operating system of Juniper Networks (Juniper Networks) that runs on NetScreen series firewalls. ############################################################## FFRI, Inc.
=== Reference === CVE No. : CVE-2013-6958 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6958
Mozilla Foundation Security Advisory : https://www.mozilla.org/security/announce/2013/mfsa2013-33.html
FFRI Advisory URL: http://www.ffri.jp/cgi-bin/advisory/advisory.cgi?type=release&id=FFRRA-20131213
=== About FFRI === FFRI is a leading security products and service vendor in Japan providing innovative security software and vulnerability research information. Our commitment is to secure our IT-driven society by protecting information system from unpredictable threats.
http://www.ffri.jp research-feedback@ffri.jp
=== Copyright === 2007 - 2014 FFRI, Inc. All rights reserved
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201312-0247",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "screenos",
"scope": "eq",
"trust": 1.6,
"vendor": "juniper",
"version": "6.2.0"
},
{
"model": "screenos",
"scope": "eq",
"trust": 1.6,
"vendor": "juniper",
"version": "6.3.0"
},
{
"model": "screenos",
"scope": "eq",
"trust": 1.6,
"vendor": "juniper",
"version": "5.4.0"
},
{
"model": "netscreen-5200",
"scope": "eq",
"trust": 1.0,
"vendor": "juniper",
"version": null
},
{
"model": "netscreen-5400",
"scope": "eq",
"trust": 1.0,
"vendor": "juniper",
"version": null
},
{
"model": "screenos",
"scope": "eq",
"trust": 0.8,
"vendor": "juniper",
"version": "version 5.4 (ns 5gt only)"
},
{
"model": "screenos",
"scope": "eq",
"trust": 0.8,
"vendor": "juniper",
"version": "version 6.2"
},
{
"model": "screenos",
"scope": "eq",
"trust": 0.8,
"vendor": "juniper",
"version": "version 6.3"
},
{
"model": "networks screenos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.4"
}
],
"sources": [
{
"db": "BID",
"id": "64260"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-000119"
},
{
"db": "NVD",
"id": "CVE-2013-6958"
},
{
"db": "CNNVD",
"id": "CNNVD-201312-308"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:juniper:screenos:6.3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:screenos:6.2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:screenos:5.4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:juniper:netscreen-5200:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:juniper:netscreen-5400:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2013-6958"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Shuichiro Suzuki of FFRI, Inc",
"sources": [
{
"db": "BID",
"id": "64260"
}
],
"trust": 0.3
},
"cve": "CVE-2013-6958",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "IPA",
"availabilityImpact": "Complete",
"baseScore": 7.8,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2013-000119",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-66960",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2013-6958",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "IPA",
"id": "JVNDB-2013-000119",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201312-308",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-66960",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-66960"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-000119"
},
{
"db": "NVD",
"id": "CVE-2013-6958"
},
{
"db": "CNNVD",
"id": "CNNVD-201312-308"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Juniper NetScreen Firewall running ScreenOS 5.4, 6.2, or 6.3, when the Ping of Death screen is disabled, allows remote attackers to cause a denial of service via a crafted packet. ScreenOS provided by Juniper Networks contains a denial-of-service (DoS) vulnerability. Shuichiro Suzuki of FFRI, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.When processing a malicious packet, the device may hang. ScreenOS is prone to an unspecified denial-of-service vulnerability. \nSuccessful exploits may allow the attacker to cause denial-of-service conditions. \nScreenOS 5.4, 6.2.0, and 6.3.0 are vulnerable. Juniper Networks NetScreen Firewall running Juniper ScreenOS is an operating system of Juniper Networks (Juniper Networks) that runs on NetScreen series firewalls. ##############################################################\n FFRI, Inc. \n\n=== Reference ===\nCVE No. : CVE-2013-6958\nhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6958\n\nMozilla Foundation Security Advisory :\nhttps://www.mozilla.org/security/announce/2013/mfsa2013-33.html\n\nFFRI Advisory URL:\nhttp://www.ffri.jp/cgi-bin/advisory/advisory.cgi?type=release\u0026id=FFRRA-20131213\n\n=== About FFRI ===\nFFRI is a leading security products and service vendor in Japan \nproviding innovative security software and vulnerability research \ninformation. Our commitment is to secure our IT-driven society by\nprotecting information system from unpredictable threats. \n\nhttp://www.ffri.jp\nresearch-feedback@ffri.jp\n\n=== Copyright ===\n2007 - 2014 FFRI, Inc. All rights reserved",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-6958"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-000119"
},
{
"db": "BID",
"id": "64260"
},
{
"db": "VULHUB",
"id": "VHN-66960"
},
{
"db": "PACKETSTORM",
"id": "124903"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-6958",
"trust": 2.9
},
{
"db": "JVN",
"id": "JVN28436508",
"trust": 1.9
},
{
"db": "JVNDB",
"id": "JVNDB-2013-000119",
"trust": 1.9
},
{
"db": "OSVDB",
"id": "100861",
"trust": 1.7
},
{
"db": "JUNIPER",
"id": "JSA10604",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1029490",
"trust": 1.1
},
{
"db": "CNNVD",
"id": "CNNVD-201312-308",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "56086",
"trust": 0.6
},
{
"db": "SECUNIA",
"id": "56089",
"trust": 0.6
},
{
"db": "BID",
"id": "64260",
"trust": 0.4
},
{
"db": "PACKETSTORM",
"id": "124903",
"trust": 0.2
},
{
"db": "SEEBUG",
"id": "SSVID-61109",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-66960",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-66960"
},
{
"db": "BID",
"id": "64260"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-000119"
},
{
"db": "PACKETSTORM",
"id": "124903"
},
{
"db": "NVD",
"id": "CVE-2013-6958"
},
{
"db": "CNNVD",
"id": "CNNVD-201312-308"
}
]
},
"id": "VAR-201312-0247",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-66960"
}
],
"trust": 0.73095236
},
"last_update_date": "2023-12-18T12:58:04.199000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "2013-12 Security Bulletin: NetScreen Firewall: Crafted packet can cause denial of service (CVE-2013-6958)",
"trust": 0.8,
"url": "http://kb.juniper.net/jsa10604"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-000119"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2013-6958"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "http://jvn.jp/en/jp/jvn28436508/index.html"
},
{
"trust": 1.7,
"url": "https://kb.juniper.net/jsa10604"
},
{
"trust": 1.7,
"url": "http://osvdb.org/100861"
},
{
"trust": 1.1,
"url": "http://jvndb.jvn.jp/ja/contents/2013/jvndb-2013-000119.html"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1029490"
},
{
"trust": 0.9,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-6958"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-6958"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/56086"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/56089"
},
{
"trust": 0.3,
"url": "http://www.juniper.net/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-6958"
},
{
"trust": 0.1,
"url": "http://www.ffri.jp/cgi-bin/advisory/advisory.cgi?type=release\u0026id=ffrra-20131213"
},
{
"trust": 0.1,
"url": "https://www.mozilla.org/security/announce/2013/mfsa2013-33.html"
},
{
"trust": 0.1,
"url": "http://www.ffri.jp"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-66960"
},
{
"db": "BID",
"id": "64260"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-000119"
},
{
"db": "PACKETSTORM",
"id": "124903"
},
{
"db": "NVD",
"id": "CVE-2013-6958"
},
{
"db": "CNNVD",
"id": "CNNVD-201312-308"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-66960"
},
{
"db": "BID",
"id": "64260"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-000119"
},
{
"db": "PACKETSTORM",
"id": "124903"
},
{
"db": "NVD",
"id": "CVE-2013-6958"
},
{
"db": "CNNVD",
"id": "CNNVD-201312-308"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-12-13T00:00:00",
"db": "VULHUB",
"id": "VHN-66960"
},
{
"date": "2013-12-12T00:00:00",
"db": "BID",
"id": "64260"
},
{
"date": "2013-12-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-000119"
},
{
"date": "2014-01-23T00:22:22",
"db": "PACKETSTORM",
"id": "124903"
},
{
"date": "2013-12-13T18:07:54.437000",
"db": "NVD",
"id": "CVE-2013-6958"
},
{
"date": "2013-12-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201312-308"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-01-04T00:00:00",
"db": "VULHUB",
"id": "VHN-66960"
},
{
"date": "2014-01-22T17:45:00",
"db": "BID",
"id": "64260"
},
{
"date": "2013-12-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-000119"
},
{
"date": "2014-01-04T04:51:00.287000",
"db": "NVD",
"id": "CVE-2013-6958"
},
{
"date": "2013-12-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201312-308"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201312-308"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Juniper ScreenOS vulnerable to denial-of-service (DoS)",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-000119"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201312-308"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.