Huawei : Huawei Data Communication: Two Vulnerabilities of License Module in Some Huawei Products (huawei-sa-20171206-01-license)

Anfälligkeitssuche		Suche in 219043 CVE Beschreibungen und 99761 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.0.108782

Kategorie: Huawei

Titel: Huawei Data Communication: Two Vulnerabilities of License Module in Some Huawei Products (huawei-sa-20171206-01-license)

Zusammenfassung: There is a uncontrolled format string vulnerability when the license module of some Huawei products output the log information.

Beschreibung: Summary:
There is a uncontrolled format string vulnerability when the license module of some Huawei products output the log information.

Vulnerability Insight:
There is a uncontrolled format string vulnerability when the license module of some Huawei products output the log information. An authenticated attacker could exploit this vulnerability to cause a denial of service. (Vulnerability ID: HWPSIRT-2017-06138)This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2017-17132.There is a null pointer reference vulnerability in license module of some Huawei products due to insufficient verification. If the license module processes a special malicious license file, the processing will crashed. The attacker can exploit this vulnerability to cause a denial of service. (Vulnerability ID: HWPSIRT-2017-09100)This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2017-17133.Huawei has released software updates to fix these vulnerabilities. This advisory is available in the linked references.

Vulnerability Impact:
The attacker can exploit these vulnerabilities to cause a denial of service.

Affected Software/OS:
VP9660 versions V500R002C10

Solution:
See the referenced vendor advisory for a solution.

CVSS Score:
2.1

CVSS Vector:
AV:L/AC:L/Au:N/C:N/I:N/A:P

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2017-17132
Common Vulnerability Exposure (CVE) ID: CVE-2017-17133

Copyright Copyright (C) 2020 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.0.108782
Kategorie:	Huawei
Titel:	Huawei Data Communication: Two Vulnerabilities of License Module in Some Huawei Products (huawei-sa-20171206-01-license)
Zusammenfassung:	There is a uncontrolled format string vulnerability when the license module of some Huawei products output the log information.
Beschreibung:	Summary: There is a uncontrolled format string vulnerability when the license module of some Huawei products output the log information. Vulnerability Insight: There is a uncontrolled format string vulnerability when the license module of some Huawei products output the log information. An authenticated attacker could exploit this vulnerability to cause a denial of service. (Vulnerability ID: HWPSIRT-2017-06138)This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2017-17132.There is a null pointer reference vulnerability in license module of some Huawei products due to insufficient verification. If the license module processes a special malicious license file, the processing will crashed. The attacker can exploit this vulnerability to cause a denial of service. (Vulnerability ID: HWPSIRT-2017-09100)This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2017-17133.Huawei has released software updates to fix these vulnerabilities. This advisory is available in the linked references. Vulnerability Impact: The attacker can exploit these vulnerabilities to cause a denial of service. Affected Software/OS: VP9660 versions V500R002C10 Solution: See the referenced vendor advisory for a solution. CVSS Score: 2.1 CVSS Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2017-17132 Common Vulnerability Exposure (CVE) ID: CVE-2017-17133
Copyright	Copyright (C) 2020 Greenbone Networks GmbH