CVE-2014-4190

17.06.2014, 14:55

Multiple heap-based buffer overflows in Huawei Campus Series Switches S3700HI, S5700, S6700, S3300HI, S5300, S6300, S9300, S7700, and LSW S9700 with software V200R001 before V200R001SPH013; S5700, S6700, S5300, and S6300 with software V200R002 before V200R002SPH005; S7700, S9300, S9300E, S5300, S5700, S6300, S6700, S2350, S2750, and LSW S9700 with software V200R003 before V200R003SPH005; and S7700, S9300, S9300E, and LSW S9700 with software V200R005 before V200R005C00SPC300 allow remote attackers to cause a denial of service (device restart) via a crafted length field in a packet.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Vector
NIST	NIST	7.8 UNKNOWN	NETWORK	LOW	AV:N/AC:L/Au:N/C:N/I:N/A:C
mitre	CNA	---			---
CVE	ADP	---			---

Base Score

CVSS 3.x

EPSS Score

Percentile: 48%

Vendor	Product	Version
huawei	campus_lsw_s9700	-
huawei	campus_s3300hi	-
huawei	campus_s3700hi	-
huawei	campus_s5300	-
huawei	campus_s5700	-
huawei	campus_s6300	-
huawei	campus_s6700	-
huawei	campus_s7700	-
huawei	campus_s9300	-
huawei	campus_lsw_s9700	-
huawei	campus_s7700	-
huawei	campus_s9300	-
huawei	campus_s9300e	-
huawei	campus_lsw_s9700	-
huawei	campus_s2350	-
huawei	campus_s2750	-
huawei	campus_s5300	-
huawei	campus_s5700	-
huawei	campus_s6300	-
huawei	campus_s6700	-
huawei	campus_s7700	-
huawei	campus_s9300	-
huawei	campus_s9300e	-
huawei	campus_s5300	-
huawei	campus_s5700	-
huawei	campus_s6300	-
huawei	campus_s6700	-

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
The software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.

References

http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-343218.htm

http://www.securityfocus.com/bid/67907

http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-343218.htm

http://www.securityfocus.com/bid/67907