CVE-2016-6669

Buffer overflow in the Authentication, Authorization and Accounting (AAA) module in Huawei USG2100, USG2200, USG5100, and USG5500 unified security gateways with software before V300R001C10SPC600 allows remote authenticated RADIUS servers to execute arbitrary code by sending a crafted EAP packet.
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:o:huawei:usg2100_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:huawei:usg2100_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:huawei:usg2200_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:huawei:usg2200_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:huawei:usg5100_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:huawei:usg5100_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:huawei:usg5500_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:huawei:usg5500_firmware:*:*:*:*:*:*:*:*
OR cpe:2.3:h:huawei:usg2100:-:*:*:*:*:*:*:*
cpe:2.3:h:huawei:usg2200:-:*:*:*:*:*:*:*
cpe:2.3:h:huawei:usg5100:-:*:*:*:*:*:*:*
cpe:2.3:h:huawei:usg5500:-:*:*:*:*:*:*:*

History

21 Nov 2024, 02:56

Type Values Removed Values Added
References () http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160810-01-usg-en - VDB Entry () http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160810-01-usg-en - VDB Entry
References () http://www.securityfocus.com/bid/92441 - () http://www.securityfocus.com/bid/92441 -

Information

Published : 2016-09-22 15:59

Updated : 2024-11-21 02:56


NVD link : CVE-2016-6669

Mitre link : CVE-2016-6669

CVE.ORG link : CVE-2016-6669


JSON object : View

Products Affected

huawei

  • usg2100_firmware
  • usg5100
  • usg2200
  • usg5100_firmware
  • usg5500
  • usg2200_firmware
  • usg5500_firmware
  • usg2100
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer