Podatność CVE-2014-4190


Publikacja: 2014-06-17

Opis:
Multiple heap-based buffer overflows in Huawei Campus Series Switches S3700HI, S5700, S6700, S3300HI, S5300, S6300, S9300, S7700, and LSW S9700 with software V200R001 before V200R001SPH013; S5700, S6700, S5300, and S6300 with software V200R002 before V200R002SPH005; S7700, S9300, S9300E, S5300, S5700, S6300, S6700, S2350, S2750, and LSW S9700 with software V200R003 before V200R003SPH005; and S7700, S9300, S9300E, and LSW S9700 with software V200R005 before V200R005C00SPC300 allow remote attackers to cause a denial of service (device restart) via a crafted length field in a packet.

Typ:

CWE-119

(Improper Restriction of Operations within the Bounds of a Memory Buffer)

CVSS2 => (AV:N/AC:L/Au:N/C:N/I:N/A:C)

Ogólna skala CVSS
Znaczenie
Łatwość wykorzystania
7.8/10
6.9/10
10/10
Wymagany dostęp
Złożoność ataku
Autoryzacja
Zdalny
Niska
Nie wymagana
Wpływ na poufność
Wpływ na integralność
Wpływ na dostępność
Brak
Brak
Pełny
Affected software
Huawei -> Campus series switch software 
Huawei -> Campus lsw s9700 
Huawei -> Campus s2350 
Huawei -> Campus s2750 
Huawei -> Campus s3300hi 
Huawei -> Campus s3700hi 
Huawei -> Campus s5300 
Huawei -> Campus s5700 
Huawei -> Campus s6300 
Huawei -> Campus s6700 
Huawei -> Campus s7700 
Huawei -> Campus s9300 
Huawei -> Campus s9300e 

 Referencje:
http://www.securityfocus.com/bid/67907
http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-343218.htm

Copyright 2024, cxsecurity.com

 

Back to Top