CVE-2016-8795

Huawei CloudEngine 12800 with software V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 5800 with software V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 6800 with software V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 7800 with software V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 8800 with software V100R006C00; and Secospace USG6600 with software V500R001C00 allow remote unauthenticated attackers to craft specific IPFPM packets to trigger an integer overflow and cause the device to reset.
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:o:huawei:cloudengine_5800_firmware:v100r002c00:*:*:*:*:*:*:*
cpe:2.3:o:huawei:cloudengine_5800_firmware:v100r003c00:*:*:*:*:*:*:*
cpe:2.3:o:huawei:cloudengine_5800_firmware:v100r003c10:*:*:*:*:*:*:*
cpe:2.3:o:huawei:cloudengine_5800_firmware:v100r005c00:*:*:*:*:*:*:*
cpe:2.3:o:huawei:cloudengine_5800_firmware:v100r005c10:*:*:*:*:*:*:*
cpe:2.3:o:huawei:cloudengine_5800_firmware:v100r006c00:*:*:*:*:*:*:*
cpe:2.3:h:huawei:cloudengine_5800:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
OR cpe:2.3:o:huawei:cloudengine_6800_firmware:v100r002c00:*:*:*:*:*:*:*
cpe:2.3:o:huawei:cloudengine_6800_firmware:v100r003c00:*:*:*:*:*:*:*
cpe:2.3:o:huawei:cloudengine_6800_firmware:v100r003c10:*:*:*:*:*:*:*
cpe:2.3:o:huawei:cloudengine_6800_firmware:v100r005c00:*:*:*:*:*:*:*
cpe:2.3:o:huawei:cloudengine_6800_firmware:v100r005c10:*:*:*:*:*:*:*
cpe:2.3:o:huawei:cloudengine_6800_firmware:v100r006c00:*:*:*:*:*:*:*
cpe:2.3:h:huawei:cloudengine_6800:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
OR cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r002c00:*:*:*:*:*:*:*
cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r003c00:*:*:*:*:*:*:*
cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r003c10:*:*:*:*:*:*:*
cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r005c00:*:*:*:*:*:*:*
cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r005c10:*:*:*:*:*:*:*
cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r006c00:*:*:*:*:*:*:*
cpe:2.3:h:huawei:cloudengine_12800:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
OR cpe:2.3:o:huawei:cloudengine_7800_firmware:v100r003c00:*:*:*:*:*:*:*
cpe:2.3:o:huawei:cloudengine_7800_firmware:v100r003c10:*:*:*:*:*:*:*
cpe:2.3:o:huawei:cloudengine_7800_firmware:v100r005c00:*:*:*:*:*:*:*
cpe:2.3:o:huawei:cloudengine_7800_firmware:v100r005c10:*:*:*:*:*:*:*
cpe:2.3:o:huawei:cloudengine_7800_firmware:v100r006c00:*:*:*:*:*:*:*
cpe:2.3:h:huawei:cloudengine_7800:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:huawei:cloudengine_8800_firmware:v100r006c00:*:*:*:*:*:*:*
cpe:2.3:h:huawei:cloudengine_8800:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c00:*:*:*:*:*:*:*
cpe:2.3:h:huawei:secospace_usg6600:-:*:*:*:*:*:*:*

History

21 Nov 2024, 03:00

Type Values Removed Values Added
References () http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161123-01-vrp-en - Vendor Advisory () http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161123-01-vrp-en - Vendor Advisory
References () http://www.securityfocus.com/bid/94504 - Third Party Advisory, VDB Entry () http://www.securityfocus.com/bid/94504 - Third Party Advisory, VDB Entry

Information

Published : 2017-04-02 20:59

Updated : 2024-11-21 03:00


NVD link : CVE-2016-8795

Mitre link : CVE-2016-8795

CVE.ORG link : CVE-2016-8795


JSON object : View

Products Affected

huawei

  • cloudengine_8800
  • cloudengine_7800
  • cloudengine_6800_firmware
  • cloudengine_7800_firmware
  • secospace_usg6600
  • cloudengine_6800
  • secospace_usg6600_firmware
  • cloudengine_8800_firmware
  • cloudengine_12800
  • cloudengine_5800_firmware
  • cloudengine_5800
  • cloudengine_12800_firmware
CWE
CWE-190

Integer Overflow or Wraparound