Details of VAR-201401-0492

ID

VAR-201401-0492

CVE

CVE-2013-7314

TITLE

Open Shortest Path First (OSPF) Protocol does not specify unique LSA lookup identifiers

Trust: 0.8

sources: CERT/CC: VU#229804

DESCRIPTION

The OSPF implementation on NEC IP38X, IX1000, IX2000, and IX3000 routers does not consider the possibility of duplicate Link State ID values in Link State Advertisement (LSA) packets before performing operations on the LSA database, which allows remote attackers to cause a denial of service (routing disruption) or obtain sensitive packet information via a crafted LSA packet, a related issue to CVE-2013-0149. The Open Shortest Path First (OSPF) protocol does not specify unique Link State Advertisement (LSA) lookup identifiers, which allow an attacker to intercept traffic or conduct a Denial of Service (DoS) attack. This vulnerability CVE-2013-0149 And related issues. Supplementary information : CWE Vulnerability type by CWE-694: Use of Multiple Resources with Duplicate Identifier ( Using multiple resources with duplicate identifiers ) Has been identified. NEC IP38X, IX1000, IX2000 and IX3000 routers are router devices. The route is interrupted or sensitive message information is obtained. Multiple NEC Products are prone to a remote security-bypass vulnerability due to an error in the OSPF protocol specification. Exploiting this issue could allow an attacker to bypass certain security restrictions and take full control of the OSPF AS domain routing table, blackholed traffic, and intercepted traffic. This may aid in further attacks

Trust: 3.15

sources: NVD: CVE-2013-7314 // CERT/CC: VU#229804 // JVNDB: JVNDB-2013-005907 // CNVD: CNVD-2014-00600 // BID: 65170

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2014-00600

AFFECTED PRODUCTS

vendor:	nec	model:	ip38x 140	scope:	eq	version:	-	Trust: 1.6
vendor:	nec	model:	ip38x 810	scope:	eq	version:	-	Trust: 1.6
vendor:	nec	model:	ip38x 300	scope:	eq	version:	-	Trust: 1.6
vendor:	nec	model:	ip38x 1500	scope:	eq	version:	-	Trust: 1.6
vendor:	nec	model:	ip38x 105	scope:	eq	version:	-	Trust: 1.6
vendor:	nec	model:	ip38x 1000	scope:	eq	version:	-	Trust: 1.6
vendor:	nec	model:	ip38x 2000	scope:	eq	version:	-	Trust: 1.6
vendor:	nec	model:	ip38x 1100	scope:	eq	version:	-	Trust: 1.6
vendor:	nec	model:	ip38x 250i	scope:	eq	version:	-	Trust: 1.6
vendor:	nec	model:	ip38x 107e	scope:	eq	version:	-	Trust: 1.6
vendor:	nec	model:	ip38x 3000	scope:	eq	version:	-	Trust: 1.0
vendor:	nec	model:	ip38x 1200	scope:	eq	version:	-	Trust: 1.0
vendor:	brocade	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	check point	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	d link	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	enterasys	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	extreme	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	ibm	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	juniper	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	nec	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	oracle	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	vyatta	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	yamaha	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	nec	model:	ip38x/1000	scope:	-	version:	-	Trust: 0.8
vendor:	nec	model:	ip38x/105	scope:	-	version:	-	Trust: 0.8
vendor:	nec	model:	ip38x/107e	scope:	-	version:	-	Trust: 0.8
vendor:	nec	model:	ip38x/1100	scope:	-	version:	-	Trust: 0.8
vendor:	nec	model:	ip38x/1200	scope:	-	version:	-	Trust: 0.8
vendor:	nec	model:	ip38x/140	scope:	-	version:	-	Trust: 0.8
vendor:	nec	model:	ip38x/1500	scope:	-	version:	-	Trust: 0.8
vendor:	nec	model:	ip38x/2000	scope:	-	version:	-	Trust: 0.8
vendor:	nec	model:	ip38x/250i	scope:	-	version:	-	Trust: 0.8
vendor:	nec	model:	ip38x/300	scope:	-	version:	-	Trust: 0.8
vendor:	nec	model:	ip38x/3000	scope:	-	version:	-	Trust: 0.8
vendor:	nec	model:	ip38x/810	scope:	-	version:	-	Trust: 0.8
vendor:	nec	model:	ip38x 1200/ip38x 810/ip38x 250i/ip38x 1100/ip38x 1500/ip38x 107e/ip38x 1000/ip38x 2000/ip38x 105/ip38x 140/ip38x 300	scope:	-	version:	-	Trust: 0.6

sources: CERT/CC: VU#229804 // CNVD: CNVD-2014-00600 // JVNDB: JVNDB-2013-005907 // CNNVD: CNNVD-201401-489 // NVD: CVE-2013-7314

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2013-7314
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2013-0149
value:	MEDIUM
Trust: 0.8
NVD:	CVE-2013-7314
value:	MEDIUM
Trust: 0.8
CNVD:	CNVD-2014-00600
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-201401-489
value:	MEDIUM
Trust: 0.6

nvd@nist.gov:	CVE-2013-7314
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
NVD:	CVE-2013-0149
severity:	MEDIUM
baseScore:	5.4
vectorString:	NONE
accessVector:	ADJACENT NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	5.5
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8
CNVD:	CNVD-2014-00600
severity:	MEDIUM
baseScore:	5.4
vectorString:	AV:A/AC:M/AU:N/C:P/I:P/A:P
accessVector:	ADJACENT_NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	5.5
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

sources: CERT/CC: VU#229804 // CNVD: CNVD-2014-00600 // JVNDB: JVNDB-2013-005907 // CNNVD: CNNVD-201401-489 // NVD: CVE-2013-7314

PROBLEMTYPE DATA

problemtype:	NVD-CWE-Other	Trust: 1.0
problemtype:	CWE-Other	Trust: 0.8

sources: JVNDB: JVNDB-2013-005907 // NVD: CVE-2013-7314

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201401-489

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-201401-489

CONFIGURATIONS

sources: JVNDB: JVNDB-2013-005907

EXPLOIT AVAILABILITY

sources: CERT/CC: VU#229804

PATCH

title:	NV13-006	url:	http://jpn.nec.com/security-info/secinfo/nv13-006.html	Trust: 0.8
title:	IX1000/IX2000/IX3000シリーズOSPF脆弱性問題(VU#229804)に関する御報告（第2版）	url:	http://jpn.nec.com/univerge/ix/Support/CERT/VU229804.html	Trust: 0.8
title:	OSPF routing protocol implementation design vulnerability patch	url:	https://www.cnvd.org.cn/patchInfo/show/43177	Trust: 0.6

sources: CNVD: CNVD-2014-00600 // JVNDB: JVNDB-2013-005907

EXTERNAL IDS

db:	NVD	id:	CVE-2013-7314	Trust: 3.3
db:	CERT/CC	id:	VU#229804	Trust: 3.2
db:	JVN	id:	JVNVU96465452	Trust: 0.8
db:	JVNDB	id:	JVNDB-2013-005907	Trust: 0.8
db:	CNVD	id:	CNVD-2014-00600	Trust: 0.6
db:	CERT/CC	id:	HTTP://WWW.KB.CERT.ORG/VULS/ID/BLUU-985QUQ	Trust: 0.6
db:	CNNVD	id:	CNNVD-201401-489	Trust: 0.6
db:	BID	id:	65170	Trust: 0.3

sources: CERT/CC: VU#229804 // CNVD: CNVD-2014-00600 // BID: 65170 // JVNDB: JVNDB-2013-005907 // CNNVD: CNNVD-201401-489 // NVD: CVE-2013-7314

REFERENCES

url:	http://jpn.nec.com/security-info/secinfo/nv13-006.html	Trust: 2.4
url:	http://www.kb.cert.org/vuls/id/229804	Trust: 2.4
url:	http://www.kb.cert.org/vuls/id/bluu-985quq	Trust: 2.4
url:	http://jpn.nec.com/univerge/ix/support/cert/vu229804.html	Trust: 1.6
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-7314	Trust: 1.4
url:	http://tools.ietf.org/html/rfc2328	Trust: 0.8
url:	http://en.wikipedia.org/wiki/open_shortest_path_first	Trust: 0.8
url:	https://supportcenter.checkpoint.com/supportcenter/portal?eventsubmit_dogoviewsolutiondetails=&solutionid=sk94490	Trust: 0.8
url:	http://tools.cisco.com/security/center/viewalert.x?alertid=30210	Trust: 0.8
url:	https://cp-enterasys.kb.net/article.aspx?article=15134&p=1	Trust: 0.8
url:	http://www-01.ibm.com/support/docview.wss?uid=isg3t1019716	Trust: 0.8
url:	http://kb.juniper.net/infocenter/index?page=content&id=jsa10582&cat=sirt_1&actp=	Trust: 0.8
url:	http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html	Trust: 0.8
url:	http://www.rtpro.yamaha.co.jp/rt/faq/security/vu96465452.html	Trust: 0.8
url:	https://kc.mcafee.com/corporate/index?page=content&id=kb79309&actp=list	Trust: 0.8
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-7314	Trust: 0.8
url:	http://jvn.jp/vu/jvnvu96465452/	Trust: 0.8

sources: CERT/CC: VU#229804 // CNVD: CNVD-2014-00600 // JVNDB: JVNDB-2013-005907 // CNNVD: CNNVD-201401-489 // NVD: CVE-2013-7314

CREDITS

Dr. Gabi Nakibly from Rafael Advanced Defense Systems as joint work he conducted with Eitan Menahem, Yuval Elovici and Ariel Waizel of Telekom Innovation Laboratories at Ben Gurion University

Trust: 0.3

sources: BID: 65170

SOURCES

db:	CERT/CC	id:	VU#229804
db:	CNVD	id:	CNVD-2014-00600
db:	BID	id:	65170
db:	JVNDB	id:	JVNDB-2013-005907
db:	CNNVD	id:	CNNVD-201401-489
db:	NVD	id:	CVE-2013-7314

LAST UPDATE DATE

2025-04-11T22:53:09.537000+00:00

SOURCES UPDATE DATE

db:	CERT/CC	id:	VU#229804	date:	2013-12-06T00:00:00
db:	CNVD	id:	CNVD-2014-00600	date:	2014-01-26T00:00:00
db:	BID	id:	65170	date:	2014-01-27T00:00:00
db:	JVNDB	id:	JVNDB-2013-005907	date:	2014-01-27T00:00:00
db:	CNNVD	id:	CNNVD-201401-489	date:	2014-01-27T00:00:00
db:	NVD	id:	CVE-2013-7314	date:	2025-04-11T00:51:21.963

SOURCES RELEASE DATE

db:	CERT/CC	id:	VU#229804	date:	2013-08-02T00:00:00
db:	CNVD	id:	CNVD-2014-00600	date:	2014-01-27T00:00:00
db:	BID	id:	65170	date:	2014-01-27T00:00:00
db:	JVNDB	id:	JVNDB-2013-005907	date:	2014-01-27T00:00:00
db:	CNNVD	id:	CNNVD-201401-489	date:	2014-01-27T00:00:00
db:	NVD	id:	CVE-2013-7314	date:	2014-01-23T17:55:05.633