CVE-2014-4190

Name of the Vulnerable Software and Affected Versions Huawei Campus Series Switches S3700HI versions V200R001 through V200R001SPH013 Huawei Campus Series Switches S5700 versions V200R001 through V200R001SPH013, V200R002 through V200R002SPH005, V200R003 through V200R003SPH005 Huawei Campus Series Switches S6700 versions V200R001 through V200R001SPH013, V200R002 through V200R002SPH005, V200R003 through V200R003SPH005 Huawei Campus Series Switches S3300HI versions V200R001 through V200R001SPH013 Huawei Campus Series Switches S5300 versions V200R001 through V200R001SPH013, V200R002 through V200R002SPH005, V200R003 through V200R003SPH005 Huawei Campus Series Switches S6300 versions V200R001 through V200R001SPH013, V200R002 through V200R002SPH005, V200R003 through V200R003SPH005 Huawei Campus Series Switches S9300 versions V200R003 through V200R003SPH005, V200R005 through V200R005C00SPC300 Huawei Campus Series Switches S7700 versions V200R003 through V200R003SPH005, V200R005 through V200R005C00SPC300 Huawei Campus Series Switches S9300E versions V200R003 through V200R003SPH005 Huawei Campus Series Switches S2350 versions V200R003 through V200R003SPH005 Huawei Campus Series Switches S2750 versions V200R003 through V200R003SPH005 Huawei Campus Series Switches LSW S9700 versions V200R001 through V200R001SPH013, V200R003 through V200R003SPH005, V200R005 through V200R005C00SPC300

Description The issue is caused by multiple heap-based buffer overflows in Huawei Campus Series Switches, allowing remote attackers to cause a denial of service (device restart) via a crafted length field in a packet.

Recommendations For Huawei Campus Series Switches S3700HI versions V200R001 through V200R001SPH013, update to V200R001SPH013 or later. For Huawei Campus Series Switches S5700 versions V200R001 through V200R001SPH013, update to V200R001SPH013 or later. For versions V200R002 through V200R002SPH005, update to V200R002SPH005 or later. For versions V200R003 through V200R003SPH005, update to V200R003SPH005 or later. For Huawei Campus Series Switches S6700 versions V200R001 through V200R001SPH013, update to V200R001SPH013 or later. For versions V200R002 through V200R002SPH005, update to V200R002SPH005 or later. For versions V200R003 through V200R003SPH005, update to V200R003SPH005 or later. For Huawei Campus Series Switches S3300HI versions V200R001 through V200R001SPH013, update to V200R001SPH013 or later. For Huawei Campus Series Switches S5300 versions V200R001 through V200R001SPH013, update to V200R001SPH013 or later. For versions V200R002 through V200R002SPH005, update to V200R002SPH005 or later. For versions V200R003 through V200R003SPH005, update to V200R003SPH005 or later. For Huawei Campus Series Switches S6300 versions V200R001 through V200R001SPH013, update to V200R001SPH013 or later. For versions V200R002 through V200R002SPH005, update to V200R002SPH005 or later. For versions V200R003 through V200R003SPH005, update to V200R003SPH005 or later. For Huawei Campus Series Switches S9300 versions V200R003 through V200R003SPH005, update to V200R003SPH005 or later. For versions V200R005 through V200R005C00SPC300, update to V200R005C00SPC300 or later. For Huawei Campus Series Switches S7700 versions V200R003 through V200R003SPH005, update to V200R003SPH005 or later. For versions V200R005 through V200R005C00SPC300, update to V200R005C00SPC300 or later. For Huawei Campus Series Switches S9300E versions V200R003 through V200R003SPH005, update to V200R003SPH005 or later. For Huawei Campus Series Switches S2350 versions V200R003 through V200R003SPH005, update to V200R003SPH005 or later. For Huawei Campus Series Switches S2750 versions V200R003 through V200R003SPH005, update to V200R003SPH005 or later. For Huawei Campus Series Switches LSW S9700 versions V200R001 through V200R001SPH013, update to V200R001SPH013 or later. For versions V200R003 through V200R003SPH005, update to V200R003SPH005 or later. For versions V200R005 through V200R005C00SPC300, update to V200R005C00SPC300 or later.