PT-2013-2023 · Huawei · Huawei S3000+9
Felix Lindner
·
Published
2013-06-20
·
Updated
2013-06-21
·
CVE-2012-6569
CVSS v2.0
9.3
High
| Vector | AV:N/AC:M/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Huawei Branch Intelligent Management System (BIMS) (affected versions not specified)
Huawei AR routers (affected versions not specified)
Huawei S2000, S3000, S3500, S3900, S5100, S5600, S7800, and S8500 switches (affected versions not specified)
Description
The issue is a stack-based buffer overflow in the HTTP module. This allows remote attackers to execute arbitrary code via a long URI.
Recommendations
For Huawei Branch Intelligent Management System (BIMS), update to a version that fixes the HTTP module issue.
For Huawei AR routers, update to a version that fixes the HTTP module issue.
For Huawei S2000, S3000, S3500, S3900, S5100, S5600, S7800, and S8500 switches, update to a version that fixes the HTTP module issue.
As a temporary workaround, consider restricting access to the HTTP module until a patch is available.
Fix
Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Huawei Ar Routers
Branch Intelligent Management System
Huawei S2000
Huawei S3000
Huawei S3500
Huawei S3900
Huawei S5100
Huawei Svn5600
Huawei S7800
Huawei S8500