English | Deutsch | Español
 
Inicial ▼
Página inicial Acerca Nuestro Contáctenos Privacidad Programas de Asociados Testimonios En la Prensa Listas de Correos Abuso Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
 
Auditorias ▼
Inicial Dedicada Avanzada Estándar Periódica Sin Riesgo Escritorio Básica Sello FAQ Resumen de Precio/Funciones Ordenar Nuevas Pruebas Todas las Pruebas Confidencialidad Búsqueda de Vulnerabilidad Ejecutar Auditoría Programador IP Permissions Auditorías Personalizadas Cola Recordatorio Sellos Informes Estilos de Informes
DNS
Administrado ▼
Acerca de DNS Ordenar/Renovar Preguntas Frecuentes AUP Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password
Monitoreo
de Redes ▼
Enterprise Avanzado Estándarr Prueba Preguntas Frecuentes Resumen de Precio/Funciones Ordenar Muestras
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Iniciar sesión/Registrarse 
 
 Búsqueda de    
Vulnerabilidad   		     Buscar 324607 Descripciones CVE y
146377 Descripciones de Pruebas,
accesos 10,000+ referencias cruzadas.
Pruebas   CVE   Todos  

ID de Prueba:1.3.6.1.4.1.25623.1.0.107831
Categoría:Huawei
Título:Huawei Data Communication: OpenSSL Vulnerability in Some Huawei Products (huawei-sa-20180613-01-openssl)
Resumen:Constructed ASN.1 types with a recursive definition in some OpenSSL versions could eventually exceed the stack given malicious input with excessive recursion.
Descripción:Summary:
Constructed ASN.1 types with a recursive definition in some OpenSSL versions could eventually exceed the stack given malicious input with excessive recursion.

Vulnerability Insight:
Constructed ASN.1 types with a recursive definition in some OpenSSL versions could eventually exceed the stack given malicious input with excessive recursion. Successful exploit could result in a Denial Of Service attack. (Vulnerability ID: HWPSIRT-2018-03073)This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2018-0739.Huawei has released software updates to fix this vulnerability. This advisory is available in the linked references.

Vulnerability Impact:
Successful exploit could result in a Denial Of Service attack.

Affected Software/OS:
AR3200 versions V200R008C20

AnyOffice versions 2.5.0501.0290

EulerOS versions V200R005C00

FusionSphere OpenStack versions 6.5.0 6.5.RC1 6.5.RC2 V100R006C00 V100R006C10 V100R006C30

OceanStor 5300 V3 versions V300R006C10

OceanStor 5500 V3 versions V300R006C10

OceanStor 5600 V3 versions V300R006C10

OceanStor 5800 V3 versions V300R006C10

OceanStor 6800 V3 versions V300R006C10

OceanStor 9000 versions V300R005C00 V300R006C00 V300R006C10 V300R006C20

OceanStor ReplicationDirector versions V200R001C00 V200R001C20

OceanStor UDS versions V1R2C01LHWS01RC3 V1R2C01LHWS01RC6

SMC2.0 versions V500R002C00 V600R006C00 V600R006C10

eSpace VCN3000 versions V100R002C10 V100R002C20

Solution:
See the referenced vendor advisory for a solution.

CVSS Score:
4.3

CVSS Vector:
AV:N/AC:M/Au:N/C:N/I:N/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2018-0739
BugTraq ID: 103518
http://www.securityfocus.com/bid/103518
BugTraq ID: 105609
http://www.securityfocus.com/bid/105609
http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2ac4c6f7b2b2af20c0e2b0ba05367e454cd11b33
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9310d45087ae546e27e61ddf8f6367f29848220d
https://nodejs.org/en/blog/vulnerability/march-2018-security-releases/
https://security.netapp.com/advisory/ntap-20180330-0002/
https://security.netapp.com/advisory/ntap-20180726-0002/
https://securityadvisories.paloaltonetworks.com/Home/Detail/133
https://www.openssl.org/news/secadv/20180327.txt
https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
https://www.tenable.com/security/tns-2018-04
https://www.tenable.com/security/tns-2018-06
https://www.tenable.com/security/tns-2018-07
Debian Security Information: DSA-4157 (Google Search)
https://www.debian.org/security/2018/dsa-4157
Debian Security Information: DSA-4158 (Google Search)
https://www.debian.org/security/2018/dsa-4158
https://security.gentoo.org/glsa/201811-21
https://security.gentoo.org/glsa/202007-53
https://www.oracle.com//security-alerts/cpujul2021.html
https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
https://lists.debian.org/debian-lts-announce/2018/03/msg00033.html
RedHat Security Advisories: RHSA-2018:3090
https://access.redhat.com/errata/RHSA-2018:3090
RedHat Security Advisories: RHSA-2018:3221
https://access.redhat.com/errata/RHSA-2018:3221
RedHat Security Advisories: RHSA-2018:3505
https://access.redhat.com/errata/RHSA-2018:3505
RedHat Security Advisories: RHSA-2019:0366
https://access.redhat.com/errata/RHSA-2019:0366
RedHat Security Advisories: RHSA-2019:0367
https://access.redhat.com/errata/RHSA-2019:0367
RedHat Security Advisories: RHSA-2019:1711
https://access.redhat.com/errata/RHSA-2019:1711
RedHat Security Advisories: RHSA-2019:1712
https://access.redhat.com/errata/RHSA-2019:1712
http://www.securitytracker.com/id/1040576
https://usn.ubuntu.com/3611-1/
https://usn.ubuntu.com/3611-2/
CopyrightCopyright (C) 2020 Greenbone Networks GmbH

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.

Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.



© 1998-2025 E-Soft Inc. Todos los derechos reservados.