Lucene search

[email protected]CVE-2013-6795

HistoryDec 24, 2013 - 6:55 p.m.

CVE-2013-6795

2013-12-2418:55:00

CWE-94

[email protected]

web.nvd.nist.gov

151

cve-2013-6795

updater

rackspace

openstack

windows

guest agent

xenserver

arbitrary code execution

remote attackers

.net object

tcp port 1984

7.8 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.095 Low

EPSS

Percentile

94.7%

JSON

The Updater in Rackspace Openstack Windows Guest Agent for XenServer before 1.2.6.0 allows remote attackers to execute arbitrary code via a crafted serialized .NET object to TCP port 1984, which triggers the download and extraction of a ZIP file that overwrites the Agent service binary.

CPENameOperatorVersion
rackspace:openstack_windows_guest_agentrackspace openstack windows guest agentle1.2.5.0

CPE	Name	Operator	Version
rackspace:openstack_windows_guest_agent	rackspace openstack windows guest agent	le	1.2.5.0

References

archives.neohapsis.com/archives/bugtraq/2013-11/0122.html

blog.cloudpassage.com/2013/11/18/cve-2013-6795-vulnerability-rackspace-windows-agent-updater/

osvdb.org/100191

packetstormsecurity.com/files/124153/Rackspace-Windows-Agent-Updater-Arbitrary-Code-Execution.html

secunia.com/advisories/55775

github.com/rackerlabs/openstack-guest-agents-windows-xenserver/commit/ef16f88f20254b8083e361f11707da25f8482401

github.com/rackerlabs/openstack-guest-agents-windows-xenserver/releases/tag/1.2.6.0

7.8 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.095 Low

EPSS

Percentile

94.7%

JSON

Related for CVE-2013-6795

prion2 securityvulns2 cvelist1 cve1