Lucene search
Huawei TechnologiesHUAWEI-SA-20160301-01-HTTPHistoryMar 01, 2016 - 12:00 a.m.
Security Advisory - Chunked HTTP Packet L7-Parsing Vulnerability in Huawei Products
2016-03-0100:00:00
Huawei Technologies
www.huawei.com
5
There is a vulnerability in several Huawei products: AR series, NetEngine16EX and SRG series.
If the Layer 7 HTTP chunked packet paring function is enabled on these devices, an attacker could exploit the vulnerability to craft a special HTTP chunked packet and send it to the target device to cause it to restart, resulting in a DoS attack (Vulnerability ID: HWPSIRT-2015-09026).
Huawei has released software updates to fix these vulnerabilities. This advisory is available at the following link:
<http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160301-01-http-en>
Affected configurations
Node
huaweiar120Matchv200r003c01spc300
ORhuaweiar1200Matchv200r003c01spc300
ORhuaweiar1200Matchv200r003c01spc300
ORhuaweiar120Matchv200r003c01spc300
ORhuaweiar150Matchv200r003c01spc300
ORhuaweiar150Matchv200r003c01spc300
ORhuaweiar160Matchv200r003c01spc300
ORhuaweiar160Matchv200r003c01spc300
ORhuaweiar200Matchv200r003c01spc300
ORhuaweiar200Matchv200r003c01spc300
ORhuaweiar2200Matchv200r003c01spc300
ORhuaweiar2200Matchv200r003c01spc300
ORhuaweiar3200Matchv200r003c01spc300
ORhuaweiar3200Matchv200r003c01spc300
ORhuaweiar3600Matchv200r003c01spc300
ORhuaweiar500Matchv200r003c01spc300
ORhuaweiar510Matchv200r003c01spc300
ORhuaweiar120Matchv200r003c01spc900
ORhuaweiar1200Matchv200r003c01spc900
ORhuaweiar1200Matchv200r003c01spc900
ORhuaweiar120Matchv200r003c01spc900
ORhuaweiar150Matchv200r003c01spc900
ORhuaweiar150Matchv200r003c01spc900
ORhuaweiar160Matchv200r003c01spc900
ORhuaweiar160Matchv200r003c01spc900
ORhuaweiar200Matchv200r003c01spc900
ORhuaweiar200Matchv200r003c01spc900
ORhuaweiar2200Matchv200r003c01spc900
ORhuaweiar2200Matchv200r003c01spc900
ORhuaweiar3200Matchv200r003c01spc900
ORhuaweiar3200Matchv200r003c01spc900
ORhuaweiar3600Matchv200r003c01spc900
ORhuaweiar500Matchv200r003c01spc900
ORhuaweiar510Matchv200r003c01spc900
ORhuaweiar120Matchv200r005c20spc200
ORhuaweiar1200Matchv200r005c20spc200
ORhuaweiar1200Matchv200r005c20spc200
ORhuaweiar120Matchv200r005c20spc200
ORhuaweiar150Matchv200r005c20spc200
ORhuaweiar150Matchv200r005c20spc200
ORhuaweiar160Matchv200r005c20spc200
ORhuaweiar160Matchv200r005c20spc200
ORhuaweiar200Matchv200r005c20spc200
ORhuaweiar200Matchv200r005c20spc200
ORhuaweiar2200Matchv200r005c20spc200
ORhuaweiar2200Matchv200r005c20spc200
ORhuaweiar3200Matchv200r005c20spc200
ORhuaweiar3200Matchv200r005c20spc200
ORhuaweiar3600Matchv200r005c20spc200
ORhuaweiar500Matchv200r005c20spc200
ORhuaweiar510Matchv200r005c20spc200
ORhuaweiar120Matchv200r005c20spc500
ORhuaweiar1200Matchv200r005c20spc500
ORhuaweiar1200Matchv200r005c20spc500
ORhuaweiar120Matchv200r005c20spc500
ORhuaweiar150Matchv200r005c20spc500
ORhuaweiar150Matchv200r005c20spc500
ORhuaweiar160Matchv200r005c20spc500
ORhuaweiar160Matchv200r005c20spc500
ORhuaweiar200Matchv200r005c20spc500
ORhuaweiar200Matchv200r005c20spc500
ORhuaweiar2200Matchv200r005c20spc500
ORhuaweiar2200Matchv200r005c20spc500
ORhuaweiar3200Matchv200r005c20spc500
ORhuaweiar3200Matchv200r005c20spc500
ORhuaweiar3600Matchv200r005c20spc500
ORhuaweiar500Matchv200r005c20spc500
ORhuaweiar510Matchv200r005c20spc500
ORhuaweiar120Matchv200r005c20spc700
ORhuaweiar1200Matchv200r005c20spc700
ORhuaweiar1200Matchv200r005c20spc700
ORhuaweiar120Matchv200r005c20spc700
ORhuaweiar150Matchv200r005c20spc700
ORhuaweiar150Matchv200r005c20spc700
ORhuaweiar160Matchv200r005c20spc700
ORhuaweiar160Matchv200r005c20spc700
ORhuaweiar200Matchv200r005c20spc700
ORhuaweiar200Matchv200r005c20spc700
ORhuaweiar2200Matchv200r005c20spc700
ORhuaweiar2200Matchv200r005c20spc700
ORhuaweiar3200Matchv200r005c20spc700
ORhuaweiar3200Matchv200r005c20spc700
ORhuaweiar3600Matchv200r005c20spc700
ORhuaweiar500Matchv200r005c20spc700
ORhuaweiar510Matchv200r005c20spc700
ORhuaweinetengine16exMatchv200r003c01spc300
ORhuaweinetengine16exMatchv200r003c01spc900
ORhuaweinetengine16exMatchv200r005c20spc200
ORhuaweinetengine16exMatchv200r005c20spc500
ORhuaweinetengine16exMatchv200r005c20spc700
ORhuaweinetengine16exMatchv200r006c10spc300
ORhuaweisrg1300Matchv200r003c01spc300
ORhuaweisrg2300Matchv200r003c01spc300
ORhuaweisrg3300Matchv200r003c01spc300
ORhuaweisrg1300Matchv200r003c01spc900
ORhuaweisrg2300Matchv200r003c01spc900
ORhuaweisrg3300Matchv200r003c01spc900
ORhuaweisrg1300Matchv200r005c20spc200
ORhuaweisrg2300Matchv200r005c20spc200
ORhuaweisrg3300Matchv200r005c20spc200
ORhuaweisrg1300Matchv200r005c20spc500
ORhuaweisrg2300Matchv200r005c20spc500
ORhuaweisrg3300Matchv200r005c20spc500
ORhuaweisrg1300Matchv200r005c20spc700
ORhuaweisrg2300Matchv200r005c20spc700
ORhuaweisrg3300Matchv200r005c20spc700
ORhuaweisrg1300Matchv200r006c10spc300
ORhuaweisrg2300Matchv200r006c10spc300
ORhuaweisrg3300Matchv200r006c10spc300