Improper Input Validation Vulnerability in Multiple Siemens Products

The SPPA-S2000 simulates the automation component S7 of the nuclear DCS system SPPA-T2000.The SPPA-S3000 simulates the automation component of the DCS system SPPA-T3000.The SPPA-T3000 is a distributed control system for use in fossil and large renewable energy power plants. A security vulnerabili...

Stack overflow

Stack-based buffer overflow in the HTTP module in the 1 Branch Intelligent Management System BIMS and 2 web management components on Huawei AR routers and S2000, S3000, S3500, S3900, S5100, S5600, S7800, and S8500 switches allows remote attackers to execute arbitrary code via a long URI...

CVE-2012-6571

The CVE-2012-6571 issue affects Huawei devices (AR routers and S-series switches: S2000, S3000, S3500, S3900, S5100, S5600, S7800). The HTTP module in the BIMS/web management components uses predictable Session ID values, enabling remote attackers to hijack sessions via brute-force. This is docum...

CVE-2012-6569

Stack-based buffer overflow in the HTTP module in the 1 Branch Intelligent Management System BIMS and 2 web management components on Huawei AR routers and S2000, S3000, S3500, S3900, S5100, S5600, S7800, and S8500 switches allows remote attackers to execute arbitrary code via a long URI...

CVE-2012-6570

The CVE-2012-6570 entry concerns Huawei AR routers and related Huawei S-series switches (S2000, S3000, S3500, S3900, S5100, S5600, S7800, S8500) where the HTTP module fails to validate that incoming data length respects the Content-Length header. This vulnerability in the HTTP module of both the ...