Huawei : Huawei Data Communication: Two Vulnerabilities of License Module in Some Huawei Products (huawei-sa-20171206-01-license)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.108782

Categoría: Huawei

Título: Huawei Data Communication: Two Vulnerabilities of License Module in Some Huawei Products (huawei-sa-20171206-01-license)

Resumen: There is a uncontrolled format string vulnerability when the license module of some Huawei products output the log information.;; This VT has been deprecated and is therefore no longer functional.

Descripción: Summary:
There is a uncontrolled format string vulnerability when the license module of some Huawei products output the log information.

This VT has been deprecated and is therefore no longer functional.

Vulnerability Insight:
There is a uncontrolled format string vulnerability when the license module of some Huawei products output the log information. An authenticated attacker could exploit this vulnerability to cause a denial of service. (Vulnerability ID: HWPSIRT-2017-06138)This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2017-17132.There is a null pointer reference vulnerability in license module of some Huawei products due to insufficient verification. If the license module processes a special malicious license file, the processing will crashed. The attacker can exploit this vulnerability to cause a denial of service. (Vulnerability ID: HWPSIRT-2017-09100)This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2017-17133.Huawei has released software updates to fix these vulnerabilities. This advisory is available in the linked references.

Vulnerability Impact:
The attacker can exploit these vulnerabilities to cause a denial of service.

Affected Software/OS:
VP9660 versions V500R002C10

Solution:
See the referenced vendor advisory for a solution.

CVSS Score:
2.1

CVSS Vector:
AV:L/AC:L/Au:N/C:N/I:N/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2017-17132
Common Vulnerability Exposure (CVE) ID: CVE-2017-17133

Copyright Copyright (C) 2020 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.108782
Categoría:	Huawei
Título:	Huawei Data Communication: Two Vulnerabilities of License Module in Some Huawei Products (huawei-sa-20171206-01-license)
Resumen:	There is a uncontrolled format string vulnerability when the license module of some Huawei products output the log information.;; This VT has been deprecated and is therefore no longer functional.
Descripción:	Summary: There is a uncontrolled format string vulnerability when the license module of some Huawei products output the log information. This VT has been deprecated and is therefore no longer functional. Vulnerability Insight: There is a uncontrolled format string vulnerability when the license module of some Huawei products output the log information. An authenticated attacker could exploit this vulnerability to cause a denial of service. (Vulnerability ID: HWPSIRT-2017-06138)This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2017-17132.There is a null pointer reference vulnerability in license module of some Huawei products due to insufficient verification. If the license module processes a special malicious license file, the processing will crashed. The attacker can exploit this vulnerability to cause a denial of service. (Vulnerability ID: HWPSIRT-2017-09100)This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2017-17133.Huawei has released software updates to fix these vulnerabilities. This advisory is available in the linked references. Vulnerability Impact: The attacker can exploit these vulnerabilities to cause a denial of service. Affected Software/OS: VP9660 versions V500R002C10 Solution: See the referenced vendor advisory for a solution. CVSS Score: 2.1 CVSS Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2017-17132 Common Vulnerability Exposure (CVE) ID: CVE-2017-17133
Copyright	Copyright (C) 2020 Greenbone AG