CVE-2013-6795 - Vulnerability Details - OpenCVE

The Updater in Rackspace Openstack Windows Guest Agent for XenServer before 1.2.6.0 allows remote attackers to execute arbitrary code via a crafted serialized .NET object to TCP port 1984, which triggers the download and extraction of a ZIP file that overwrites the Agent service binary.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Rackspace	Openstack Windows Guest Agent

Configuration 1 [-]

cpe:2.3:a:rackspace:openstack_windows_guest_agent:*:-:-:*:-:xen_server:*:*

No data.

References

Link	Providers
http://archives.neohapsis.com/archives/bugtraq/2013-11/0122.html
http://blog.cloudpassage.com/2013/11/18/cve-2013-6795-vulnerability-rackspace-windows-agent-updater/
http://osvdb.org/100191
http://packetstormsecurity.com/files/124153/Rackspace-Windows-Agent-Updater-Arbitrary-Code-Execution.html
http://secunia.com/advisories/55775
https://github.com/rackerlabs/openstack-guest-agents-windows-xenserver/commit/ef16f88f20254b8083e361f11707da25f8482401
https://github.com/rackerlabs/openstack-guest-agents-windows-xenserver/releases/tag/1.2.6.0

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2013-12-24T18:00:00

Updated: 2024-08-06T17:46:23.563Z

Reserved: 2013-11-15T00:00:00

Link: CVE-2013-6795

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2013-12-24T18:55:20.793

Modified: 2025-04-11T00:51:21.963

Link: CVE-2013-6795

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2013-11-18T00:00:00", "descriptions": [{"lang": "en", "value": "The Updater in Rackspace Openstack Windows Guest Agent for XenServer before 1.2.6.0 allows remote attackers to execute arbitrary code via a crafted serialized .NET object to TCP port 1984, which triggers the download and extraction of a ZIP file that overwrites the Agent service binary."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2013-12-24T17:57:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "http://blog.cloudpassage.com/2013/11/18/cve-2013-6795-vulnerability-rackspace-windows-agent-updater/"}, {"tags": ["x_refsource_MISC"], "url": "http://packetstormsecurity.com/files/124153/Rackspace-Windows-Agent-Updater-Arbitrary-Code-Execution.html"}, {"name": "20131122 CVE-2013-6795 Vulnerability in the Rackspace Windows Agent and Updater", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://archives.neohapsis.com/archives/bugtraq/2013-11/0122.html"}, {"name": "100191", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/100191"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/rackerlabs/openstack-guest-agents-windows-xenserver/commit/ef16f88f20254b8083e361f11707da25f8482401"}, {"name": "55775", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/55775"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/rackerlabs/openstack-guest-agents-windows-xenserver/releases/tag/1.2.6.0"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "[email protected]", "ID": "CVE-2013-6795", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The Updater in Rackspace Openstack Windows Guest Agent for XenServer before 1.2.6.0 allows remote attackers to execute arbitrary code via a crafted serialized .NET object to TCP port 1984, which triggers the download and extraction of a ZIP file that overwrites the Agent service binary."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://blog.cloudpassage.com/2013/11/18/cve-2013-6795-vulnerability-rackspace-windows-agent-updater/", "refsource": "MISC", "url": "http://blog.cloudpassage.com/2013/11/18/cve-2013-6795-vulnerability-rackspace-windows-agent-updater/"}, {"name": "http://packetstormsecurity.com/files/124153/Rackspace-Windows-Agent-Updater-Arbitrary-Code-Execution.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/124153/Rackspace-Windows-Agent-Updater-Arbitrary-Code-Execution.html"}, {"name": "20131122 CVE-2013-6795 Vulnerability in the Rackspace Windows Agent and Updater", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2013-11/0122.html"}, {"name": "100191", "refsource": "OSVDB", "url": "http://osvdb.org/100191"}, {"name": "https://github.com/rackerlabs/openstack-guest-agents-windows-xenserver/commit/ef16f88f20254b8083e361f11707da25f8482401", "refsource": "CONFIRM", "url": "https://github.com/rackerlabs/openstack-guest-agents-windows-xenserver/commit/ef16f88f20254b8083e361f11707da25f8482401"}, {"name": "55775", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/55775"}, {"name": "https://github.com/rackerlabs/openstack-guest-agents-windows-xenserver/releases/tag/1.2.6.0", "refsource": "CONFIRM", "url": "https://github.com/rackerlabs/openstack-guest-agents-windows-xenserver/releases/tag/1.2.6.0"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T17:46:23.563Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://blog.cloudpassage.com/2013/11/18/cve-2013-6795-vulnerability-rackspace-windows-agent-updater/"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://packetstormsecurity.com/files/124153/Rackspace-Windows-Agent-Updater-Arbitrary-Code-Execution.html"}, {"name": "20131122 CVE-2013-6795 Vulnerability in the Rackspace Windows Agent and Updater", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://archives.neohapsis.com/archives/bugtraq/2013-11/0122.html"}, {"name": "100191", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/100191"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/rackerlabs/openstack-guest-agents-windows-xenserver/commit/ef16f88f20254b8083e361f11707da25f8482401"}, {"name": "55775", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/55775"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/rackerlabs/openstack-guest-agents-windows-xenserver/releases/tag/1.2.6.0"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2013-6795", "datePublished": "2013-12-24T18:00:00", "dateReserved": "2013-11-15T00:00:00", "dateUpdated": "2024-08-06T17:46:23.563Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:rackspace:openstack_windows_guest_agent:*:-:-:*:-:xen_server:*:*", "matchCriteriaId": "9E48D37B-D011-4524-9C4A-1A83C7E58F48", "versionEndIncluding": "1.2.5.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The Updater in Rackspace Openstack Windows Guest Agent for XenServer before 1.2.6.0 allows remote attackers to execute arbitrary code via a crafted serialized .NET object to TCP port 1984, which triggers the download and extraction of a ZIP file that overwrites the Agent service binary."}, {"lang": "es", "value": "El Updater en Rackspace Openstack Windows Guest Agent para XenServer anteriores a 1.2.6.0 permite a atacantes remotos ejectuar c\u00f3digo arbitrario a trav\u00e9s de un objeto .NET serializado al puerto TCP 1984, lo cual lanza la descarga y extracci\u00f3n de un fichero ZIP que sobreescribe el binario del servicio Agent."}], "id": "CVE-2013-6795", "lastModified": "2025-04-11T00:51:21.963", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "[email protected]", "type": "Primary", "userInteractionRequired": false}]}, "published": "2013-12-24T18:55:20.793", "references": [{"source": "[email protected]", "url": "http://archives.neohapsis.com/archives/bugtraq/2013-11/0122.html"}, {"source": "[email protected]", "tags": ["URL Repurposed"], "url": "http://blog.cloudpassage.com/2013/11/18/cve-2013-6795-vulnerability-rackspace-windows-agent-updater/"}, {"source": "[email protected]", "url": "http://osvdb.org/100191"}, {"source": "[email protected]", "url": "http://packetstormsecurity.com/files/124153/Rackspace-Windows-Agent-Updater-Arbitrary-Code-Execution.html"}, {"source": "[email protected]", "url": "http://secunia.com/advisories/55775"}, {"source": "[email protected]", "tags": ["Exploit", "Patch"], "url": "https://github.com/rackerlabs/openstack-guest-agents-windows-xenserver/commit/ef16f88f20254b8083e361f11707da25f8482401"}, {"source": "[email protected]", "url": "https://github.com/rackerlabs/openstack-guest-agents-windows-xenserver/releases/tag/1.2.6.0"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://archives.neohapsis.com/archives/bugtraq/2013-11/0122.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["URL Repurposed"], "url": "http://blog.cloudpassage.com/2013/11/18/cve-2013-6795-vulnerability-rackspace-windows-agent-updater/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/100191"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://packetstormsecurity.com/files/124153/Rackspace-Windows-Agent-Updater-Arbitrary-Code-Execution.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/55775"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Patch"], "url": "https://github.com/rackerlabs/openstack-guest-agents-windows-xenserver/commit/ef16f88f20254b8083e361f11707da25f8482401"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://github.com/rackerlabs/openstack-guest-agents-windows-xenserver/releases/tag/1.2.6.0"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-94"}], "source": "[email protected]", "type": "Primary"}]}