CVE-2016-4577 - OpenCVE

Buffer overflow in the Smart DNS functionality in the Huawei NGFW Module and Secospace USG6300, USG6500, USG6600, and USG9500 firewalls with software before V500R001C20SPC100 allows remote attackers to cause a denial of service or execute arbitrary code via a crafted packet, related to "illegitimate parameters."

No CVSS v3.1

Attack Vector Adjacent Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Adjacent Network

Access Complexity High

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:A/AC:H/Au:N/C:C/I:C/A:C

Vendors & Products
CPE Configurations

Vendors	Products
Huawei	Ngfw Module Usg9500 Firmware Secospace Usg6600 Firmware Secospace Usg6300 Secospace Usg6500 Firmware Ngfw Module Firmware Secospace Usg6600 Usg9500 Secospace Usg6300 Firmware Secospace Usg6500

Configuration 1 [-]

AND

cpe:2.3:h:huawei:usg9500:-:*:*:*:*:*:*:*

cpe:2.3:o:huawei:usg9500_firmware:v500r001c00:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:h:huawei:ngfw_module:-:*:*:*:*:*:*:*

cpe:2.3:o:huawei:ngfw_module_firmware:v500r001c00:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:h:huawei:secospace_usg6300:-:*:*:*:*:*:*:*

cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c00:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:h:huawei:secospace_usg6600:-:*:*:*:*:*:*:*

cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c00:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:h:huawei:secospace_usg6500:-:*:*:*:*:*:*:*

cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c00:*:*:*:*:*:*:*

References

Link	Resource
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160511-01-dns-en	Vendor Advisory
http://www.securityfocus.com/bid/90532

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2016-05-23T19:00:00

Updated: 2016-11-25T19:57:01

Reserved: 2016-05-11T00:00:00

Link: CVE-2016-4577

JSON object: View

NVD Information

Status : Modified

Published: 2016-05-23T19:59:11.197

Modified: 2016-11-28T20:19:03.073

Link: CVE-2016-4577

JSON object: View

Redhat Information

No data.

CWE

CWE-119

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2016-05-11T00:00:00", "descriptions": [{"lang": "en", "value": "Buffer overflow in the Smart DNS functionality in the Huawei NGFW Module and Secospace USG6300, USG6500, USG6600, and USG9500 firewalls with software before V500R001C20SPC100 allows remote attackers to cause a denial of service or execute arbitrary code via a crafted packet, related to \"illegitimate parameters.\""}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2016-11-25T19:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160511-01-dns-en"}, {"name": "90532", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/90532"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2016-4577", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Buffer overflow in the Smart DNS functionality in the Huawei NGFW Module and Secospace USG6300, USG6500, USG6600, and USG9500 firewalls with software before V500R001C20SPC100 allows remote attackers to cause a denial of service or execute arbitrary code via a crafted packet, related to \"illegitimate parameters.\""}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160511-01-dns-en", "refsource": "CONFIRM", "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160511-01-dns-en"}, {"name": "90532", "refsource": "BID", "url": "http://www.securityfocus.com/bid/90532"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2016-4577", "datePublished": "2016-05-23T19:00:00", "dateReserved": "2016-05-11T00:00:00", "dateUpdated": "2016-11-25T19:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:usg9500:-:*:*:*:*:*:*:*", "matchCriteriaId": "4B6064BB-5E62-4D70-B933-05B5426EEE9C", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:usg9500_firmware:v500r001c00:*:*:*:*:*:*:*", "matchCriteriaId": "22007E6A-68FC-4AF4-A570-95873AFBF882", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:ngfw_module:-:*:*:*:*:*:*:*", "matchCriteriaId": "547D4A9A-6B57-4BBA-9FFE-CF50B9AC5DF4", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:ngfw_module_firmware:v500r001c00:*:*:*:*:*:*:*", "matchCriteriaId": "80411236-6B22-4937-87F3-E06C991B14D6", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:secospace_usg6300:-:*:*:*:*:*:*:*", "matchCriteriaId": "C281B511-7A27-4FC6-9427-AE5AD7C302F3", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c00:*:*:*:*:*:*:*", "matchCriteriaId": "4C996915-83A1-4EA5-A8E1-F609DA879D2D", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:secospace_usg6600:-:*:*:*:*:*:*:*", "matchCriteriaId": "BE469876-F873-4705-9760-097AE840A818", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c00:*:*:*:*:*:*:*", "matchCriteriaId": "E990766D-FBD4-404E-A783-3D2D0BC210F3", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:secospace_usg6500:-:*:*:*:*:*:*:*", "matchCriteriaId": "0ED6E342-26E7-45DF-AC3F-EFEBAE3DDDF0", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c00:*:*:*:*:*:*:*", "matchCriteriaId": "3189382E-6846-4713-A92F-ABD03683F4A5", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Buffer overflow in the Smart DNS functionality in the Huawei NGFW Module and Secospace USG6300, USG6500, USG6600, and USG9500 firewalls with software before V500R001C20SPC100 allows remote attackers to cause a denial of service or execute arbitrary code via a crafted packet, related to \"illegitimate parameters.\""}, {"lang": "es", "value": "Desbordamiento de buffer en la funcionalidad Smart DNS en los firewalls Huawei NGFW Module y Secospace USG6300, USG6500, USG6600 y USG9500 con software anterior a V500R001C20SPC100 permite a atacantes remotos provocar una denegaci\u00f3n de servicio o ejecutar c\u00f3digo arbitrario a trav\u00e9s de un paquete manipulado, relacionado con \"par\u00e1metros ileg\u00edtimos\"."}], "id": "CVE-2016-4577", "lastModified": "2016-11-28T20:19:03.073", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "HIGH", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 6.8, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:A/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.2, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 1.6, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2016-05-23T19:59:11.197", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160511-01-dns-en"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/90532"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}