PT-2013-2023 · Huawei · Huawei S3000+9
Felix Lindner
·
Publicado
2013-06-20
·
Atualizado
2013-06-21
·
CVE-2012-6569
CVSS v2.0
9.3
Alta
| Vetor | AV:N/AC:M/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Huawei Branch Intelligent Management System (BIMS) (affected versions not specified)
Huawei AR routers (affected versions not specified)
Huawei S2000, S3000, S3500, S3900, S5100, S5600, S7800, and S8500 switches (affected versions not specified)
Description
The issue is a stack-based buffer overflow in the HTTP module. This allows remote attackers to execute arbitrary code via a long URI.
Recommendations
For Huawei Branch Intelligent Management System (BIMS), update to a version that fixes the HTTP module issue.
For Huawei AR routers, update to a version that fixes the HTTP module issue.
For Huawei S2000, S3000, S3500, S3900, S5100, S5600, S7800, and S8500 switches, update to a version that fixes the HTTP module issue.
As a temporary workaround, consider restricting access to the HTTP module until a patch is available.
Correção
Buffer Overflow
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Huawei Ar Routers
Branch Intelligent Management System
Huawei S2000
Huawei S3000
Huawei S3500
Huawei S3900
Huawei S5100
Huawei Svn5600
Huawei S7800
Huawei S8500