var-201605-0335
Vulnerability from variot
Buffer overflow in the Smart DNS functionality in the Huawei NGFW Module and Secospace USG6300, USG6500, USG6600, and USG9500 firewalls with software before V500R001C20SPC100 allows remote attackers to cause a denial of service or execute arbitrary code via a crafted packet, related to "illegitimate parameters.". Multiple Huawei Products are prone to a buffer-overflow vulnerability because they fail to properly bounds-check user-supplied data before copying it into an insufficiently sized buffer. Attackers can exploit this issue to execute arbitrary code in the affected device. Failed exploit attempts will result in denial-of-service conditions. The Huawei NGFW Module and others are all firewall products of China's Huawei (Huawei). There are buffer overflow vulnerabilities in the Smart DNS function of several Huawei products. The following products and versions are affected: Huawei NGFW Module V500R001C00, Secospace USG6300 V500R001C00, Secospace USG6500 V500R001C00, Secospace USG6600 V500R001C00, and USG9500 V500R001C00
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201605-0335",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "secospace usg6600",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c00"
},
{
"model": "secospace usg6500",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c00"
},
{
"model": "secospace usg6300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c00"
},
{
"model": "ngfw module",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c00"
},
{
"model": "usg9500",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c00"
},
{
"model": "ngfw module",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "ngfw module",
"scope": "lt",
"trust": 0.8,
"vendor": "huawei",
"version": "v500r001c20spc100"
},
{
"model": "secospace usg6300",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "secospace usg6300",
"scope": "lt",
"trust": 0.8,
"vendor": "huawei",
"version": "v500r001c20spc100"
},
{
"model": "secospace usg6500",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "secospace usg6500",
"scope": "lt",
"trust": 0.8,
"vendor": "huawei",
"version": "v500r001c20spc100"
},
{
"model": "secospace usg6600",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "secospace usg6600",
"scope": "lt",
"trust": 0.8,
"vendor": "huawei",
"version": "v500r001c20spc100"
},
{
"model": "usg9500",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "usg9500",
"scope": "lt",
"trust": 0.8,
"vendor": "huawei",
"version": "v500r001c20spc100"
},
{
"model": "ngfw module",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "usg9500",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "secospace usg6500",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "secospace usg6600",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "secospace usg6300",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-002909"
},
{
"db": "NVD",
"id": "CVE-2016-4577"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-578"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:usg9500:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:usg9500_firmware:v500r001c00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:ngfw_module:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:ngfw_module_firmware:v500r001c00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:secospace_usg6300:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:secospace_usg6600:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:secospace_usg6500:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-4577"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Huawei",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201605-578"
}
],
"trust": 0.6
},
"cve": "CVE-2016-4577",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "HIGH",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 6.8,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.2,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:A/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "High",
"accessVector": "Adjacent Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 6.8,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2016-4577",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 6.8,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.2,
"id": "VHN-93396",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:A/AC:H/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.6,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "High",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2016-4577",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-4577",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201605-578",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-93396",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-93396"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002909"
},
{
"db": "NVD",
"id": "CVE-2016-4577"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-578"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in the Smart DNS functionality in the Huawei NGFW Module and Secospace USG6300, USG6500, USG6600, and USG9500 firewalls with software before V500R001C20SPC100 allows remote attackers to cause a denial of service or execute arbitrary code via a crafted packet, related to \"illegitimate parameters.\". Multiple Huawei Products are prone to a buffer-overflow vulnerability because they fail to properly bounds-check user-supplied data before copying it into an insufficiently sized buffer. \nAttackers can exploit this issue to execute arbitrary code in the affected device. Failed exploit attempts will result in denial-of-service conditions. The Huawei NGFW Module and others are all firewall products of China\u0027s Huawei (Huawei). There are buffer overflow vulnerabilities in the Smart DNS function of several Huawei products. The following products and versions are affected: Huawei NGFW Module V500R001C00, Secospace USG6300 V500R001C00, Secospace USG6500 V500R001C00, Secospace USG6600 V500R001C00, and USG9500 V500R001C00",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-4577"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002909"
},
{
"db": "BID",
"id": "90532"
},
{
"db": "VULHUB",
"id": "VHN-93396"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-4577",
"trust": 2.8
},
{
"db": "BID",
"id": "90532",
"trust": 1.4
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002909",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201605-578",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-93396",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-93396"
},
{
"db": "BID",
"id": "90532"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002909"
},
{
"db": "NVD",
"id": "CVE-2016-4577"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-578"
}
]
},
"id": "VAR-201605-0335",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-93396"
}
],
"trust": 0.5001841739999999
},
"last_update_date": "2023-12-18T13:48:47.567000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Buffer Overflow Vulnerability in Huawei Several Products (huawei-sa-20160511-01-dns)",
"trust": 0.8,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160511-01-dns-en"
},
{
"title": "Multiple Huawei Product Buffer Overflow Vulnerability Fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=61891"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-002909"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-578"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-93396"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002909"
},
{
"db": "NVD",
"id": "CVE-2016-4577"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.4,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160511-01-dns-en"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/90532"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-4577"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-4577"
},
{
"trust": 0.6,
"url": "http://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20160511-01-dns-cn"
},
{
"trust": 0.3,
"url": "http://www.huawei.com"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-93396"
},
{
"db": "BID",
"id": "90532"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002909"
},
{
"db": "NVD",
"id": "CVE-2016-4577"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-578"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-93396"
},
{
"db": "BID",
"id": "90532"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002909"
},
{
"db": "NVD",
"id": "CVE-2016-4577"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-578"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-05-23T00:00:00",
"db": "VULHUB",
"id": "VHN-93396"
},
{
"date": "2016-05-11T00:00:00",
"db": "BID",
"id": "90532"
},
{
"date": "2016-05-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-002909"
},
{
"date": "2016-05-23T19:59:11.197000",
"db": "NVD",
"id": "CVE-2016-4577"
},
{
"date": "2016-05-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201605-578"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-11-28T00:00:00",
"db": "VULHUB",
"id": "VHN-93396"
},
{
"date": "2016-07-06T14:38:00",
"db": "BID",
"id": "90532"
},
{
"date": "2016-05-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-002909"
},
{
"date": "2016-11-28T20:19:03.073000",
"db": "NVD",
"id": "CVE-2016-4577"
},
{
"date": "2016-05-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201605-578"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "specific network environment",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201605-578"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Huawei Device product software Smart DNS Buffer overflow vulnerability in function",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-002909"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201605-578"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.