14 matches found
EUVD-2016-9623
Malware in sbrugna...
CVE-2016-8798
Huawei USG5500 with software V300R001C00 and V300R001C00 allows attackers to bypass the anti-DDoS module of the USGs to cause a denial of service condition on the backend server...
Design/Logic Flaw
Huawei USG5500 with software V300R001C00 and V300R001C00 allows attackers to bypass the anti-DDoS module of the USGs to cause a denial of service condition on the backend server...
CVE-2016-8798
CVE-2016-8798 affects Huawei USG5500 devices. The vulnerability allows an attacker to bypass the anti-DDoS module, enabling a denial-of-service condition on the backend server. Affected software versions are V300R001C00 (and related build series mentioned in sources). The issue stems from a defen...
CVE-2016-8798
Huawei USG5500 with software V300R001C00 and V300R001C00 allows attackers to bypass the anti-DDoS module of the USGs to cause a denial of service condition on the backend server...
Huawei USG Product Security Bypass Vulnerability
Huawei USG5500 is a firewall product from Huawei, China. A security vulnerability exists in the Huawei USG5500 V300R001C00 and V300R001C10, which allows remote attackers to conduct denial-of-service attacks by sending a large number of HTTP messages to bypass the DDOS defense module of the USG...
Buffer overflow
Buffer overflow in the Point-to-Point Protocol over Ethernet PPPoE module in Huawei USG2100, USG2200, USG5100, and USG5500 unified security gateways with software before V300R001C10SPC600, when CHAP authentication is configured on the server, allows remote attackers to cause a denial of service...
CVE-2016-8276
CVE-2016-8276 concerns Huawei USG2100/USG2200/USG5100/USG5500 unified security gateways. A buffer overflow in the PPPoE module occurs when CHAP authentication is configured on the server, allowing remote attackers to cause a server restart or execute arbitrary code via crafted packets during auth...
CVE-2016-6669
Buffer overflow in the Authentication, Authorization and Accounting AAA module in Huawei USG2100, USG2200, USG5100, and USG5500 unified security gateways with software before V300R001C10SPC600 allows remote authenticated RADIUS servers to execute arbitrary code by sending a crafted EAP packet...
Buffer overflow
Buffer overflow in the Authentication, Authorization and Accounting AAA module in Huawei USG2100, USG2200, USG5100, and USG5500 unified security gateways with software before V300R001C10SPC600 allows remote authenticated RADIUS servers to execute arbitrary code by sending a crafted EAP packet...
Code injection
Huawei USG5500, USG2100, USG2200, and USG5100 unified security gateways with software before V300R001C10SPC600, when "DHCP Snooping" is enabled and either "option82 insert" or "option82 rebuild" is enabled on an interface, allow remote attackers to cause a denial of service reboot via crafted DHC...
CVE-2015-8084
CVE-2015-8084 affects Huawei USG5500, USG2100, USG2200, and USG5100 unified security gateways with software prior to V300R001C10SPC600. When DHCP Snooping is enabled and option82 insert or option82 rebuild is active on an interface, devices fail to parse certain DHCP packets, enabling remote atta...
DHCP Denial of Service Vulnerability in Multiple Huawei Products
The Huawei USG5500, USG2100, USG2200, and USG5100 are firewall products from Huawei China. The Huawei USG5500, USG2100, USG2200, and USG5100 fail to properly parse 'option82 insert' or 'option82 rebuild' when enabled. DHCP packets, allowing remote attackers to conduct denial of service attacks by...
CVE-2012-4960
CVE-2012-4960 covers a DES-based password encryption weakness in Huawei networking devices (including NE5000E, NE40E/80E, CX/ CX600, and related models). The root cause is use of DES for stored passwords, enabling brute-force or context-dependent attacks to recover cleartext passwords. Public adv...