Lucene search
Huawei TechnologiesHUAWEI-SA-20180103-01-SFTPHistoryJan 03, 2018 - 12:00 a.m.
Security Advisory - Memory Leak Vulnerability in Several Huawei products
2018-01-0300:00:00
Huawei Technologies
www.huawei.com
10
There is a memory leak vulnerability in several Huawei products. An unauthenticated, remote attacker could craft malformed packets with specific parameters when connecting with the affect products by SFTP/SSH protocol. Due to insufficient validation of packets, successful exploit could cause a memory leak and eventual denial of service (DoS) condition. (Vulnerability ID: HWPSIRT-2017-07015)
Huawei has released software updates to fix this vulnerability. This advisory is available at the following link:
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180103-01-sftp-en
Affected configurations
Node
huaweidp300Matchv500r002c00
ORhuaweirp200Matchv500r002c00spc200
ORhuaweirp200Matchv600r006c00
ORhuaweite30Matchv100r001c02
ORhuaweite30Matchv100r001c10
ORhuaweite30Matchv500r002c00
ORhuaweite30Matchv600r006c00
ORhuaweite40Matchv500r002c00
ORhuaweite40Matchv600r006c00
ORhuaweite50Matchv500r002c00
ORhuaweite50Matchv600r006c00
ORhuaweite60Matchv100r001c01
ORhuaweite60Matchv100r001c10
ORhuaweite60Matchv500r002c00
ORhuaweite60Matchv600r006c00
ORhuaweitp3106Matchv100r002c00
ORhuaweitp3206Matchv100r002c00
ORhuaweitp3206Matchv100r002c10
| CPE | Name | Operator | Version |
|---|---|---|---|
| dp300 | eq | V500R002C00 | |
| rp200 | eq | V500R002C00SPC200 | |
| rp200 | eq | V600R006C00 | |
| te30 | eq | V100R001C02 | |
| te30 | eq | V100R001C10 | |
| te30 | eq | V500R002C00 | |
| te30 | eq | V600R006C00 | |
| te40 | eq | V500R002C00 | |
| te40 | eq | V600R006C00 | |
| te50 | eq | V500R002C00 |