Test Kennung:	1.3.6.1.4.1.25623.1.0.143928
Kategorie:	Huawei
Titel:	Huawei Data Communication: Input Validation Vulnerability in Multiple Huawei Products (huawei-sa-20160427-01-dns)
Zusammenfassung:	There is an input validation vulnerability in Multiple Huawei products.
Beschreibung:	Summary: There is an input validation vulnerability in Multiple Huawei products. Vulnerability Insight: There is an input validation vulnerability in Multiple Huawei products, when the debug switch on the device is enabled, an attacker with network access may exploit this vulnerability by crafting malformed DNS packets and sending them to the target device. As for the lacking of input validation, an exploit could allow the attacker to cause a denial of service or remote code execution. (Vulnerability ID: HWPSIRT-2015-12046)This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2016-4087.Huawei has released software updates to fix this vulnerability. This advisory is available in the linked references. Vulnerability Impact: An exploit could allow the attacker to cause a denial of service or remote code execution. Affected Software/OS: S12700 versions V200R005C00SPC300 S2700 versions V100R006C05 S3700 versions V100R006C05 S5700 versions V200R001C00 V200R002C00SPC100 V200R003C00SPC300 V200R005C00 S6700 versions V200R001C00 V200R002C00 V200R005C00 V200R005C01 V200R005C02 S7700 versions V200R001C00 V200R002C00 V200R003C00 V200R005C00 S9700 versions V200R001C00 V200R002C00 V200R003C00 V200R005C00 Solution: See the referenced vendor advisory for a solution. CVSS Score: 5.1 CVSS Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2016-4087
Copyright	Copyright (C) 2020 Greenbone Networks GmbH

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.