CVE-2013-6013

EUVD-2013-5843
Buffer overflow in the flow daemon (flowd) in Juniper Junos 10.4 before 10.4S14, 11.4 before 11.4R7-S2, 12.1.X44 before 12.1X44-D15, 12.1X45 before 12.1X45-D10 on SRX devices, when using telnet pass-through authentication on the firewall, might allow remote attackers to execute arbitrary code via a crafted telnet message.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.8 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 90%
Affected Products (NVD)
VendorProductVersion
juniperjunos
𝑥
≤ 10.4
juniperjunos
4.0
juniperjunos
4.1
juniperjunos
4.2
juniperjunos
4.3
juniperjunos
4.4
juniperjunos
5.0
juniperjunos
5.1
juniperjunos
5.2
juniperjunos
5.3
juniperjunos
5.4
juniperjunos
5.5
juniperjunos
5.6
juniperjunos
5.7
juniperjunos
6.0
juniperjunos
6.1
juniperjunos
6.2
juniperjunos
6.3
juniperjunos
6.4
juniperjunos
7.0
juniperjunos
7.1
juniperjunos
7.2
juniperjunos
7.3
juniperjunos
7.4
juniperjunos
7.5
juniperjunos
7.6
juniperjunos
8.0
juniperjunos
8.1
juniperjunos
8.2
juniperjunos
8.3
juniperjunos
8.4
juniperjunos
9.0
juniperjunos
9.1
juniperjunos
9.2
juniperjunos
9.4
juniperjunos
9.5
juniperjunos
9.6
juniperjunos
11.4
juniperjunos
12.1x44:x44
juniperjunos
12.1x45:x45
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10594
http://osvdb.org/98369
http://secunia.com/advisories/55109
http://www.securityfocus.com/bid/62962
http://www.securitytracker.com/id/1029175
https://exchange.xforce.ibmcloud.com/vulnerabilities/87847
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10594
http://osvdb.org/98369
http://secunia.com/advisories/55109
http://www.securityfocus.com/bid/62962
http://www.securitytracker.com/id/1029175
https://exchange.xforce.ibmcloud.com/vulnerabilities/87847