PT-2013-1297 · Juniper Networks · Junos

Published

2013-10-17

Updated

2017-08-29

CVE-2013-6013

CVSS v2.0

6.8

Medium

Vector

AV:N/AC:M/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Junos versions prior to 10.4S14 Junos versions prior to 11.4R7-S2 Junos versions 12.1.X44 prior to 12.1X44-D15 Junos versions 12.1X45 prior to 12.1X45-D10

Description The issue is related to a buffer overflow in the flow daemon (flowd) of Juniper Junos, potentially allowing remote attackers to execute arbitrary code via a crafted telnet message when telnet pass-through authentication is used on the firewall. This could also lead to a denial of service.

Recommendations For versions prior to 10.4S14, update to 10.4S14 or later. For versions prior to 11.4R7-S2, update to 11.4R7-S2 or later. For versions 12.1.X44 prior to 12.1X44-D15, update to 12.1X44-D15 or later. For versions 12.1X45 prior to 12.1X45-D10, update to 12.1X45-D10 or later.

Fix

RCE

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119CWE-120

Related Identifiers

BDU:2015-10410

CVE-2013-6013

Affected Products

Junos

PT-2013-1297 · Juniper Networks · Junos

CVE-2013-6013

Weakness Enumeration

Related Identifiers

Affected Products

References · 10