EUVD-2015-5390

Malware in sbrugna...

Design/Logic Flaw

HPE Networking Products, originally branded as Comware 5, Comware 7, H3C, or HP, allow remote attackers to bypass intended access restrictions or cause a denial of service via "Virtual routing and forwarding VRF hopping."...

CVE-2015-5434

HPE Networking Products, originally branded as Comware 5, Comware 7, H3C, or HP, allow remote attackers to bypass intended access restrictions or cause a denial of service via "Virtual routing and forwarding VRF hopping."...

CVE-2015-5434

CVE-2015-5434 affects HPE Networking/Comware 5 and 7 (HP/H3C) devices. Multiple connected sources describe a vulnerability where remote, unauthenticated attackers can bypass access restrictions or cause a denial of service by abusing virtual routing and forwarding (VRF) hopping. The root issue is...

CVE-2015-8087

The CVE-2015-8087 VRF hopping issue affects Huawei NE20E-S, NE40E-M, NE40E-M2 (older software) and NE40E/NE80E routers where MPLS forwarding packets are not strictly checked. This allows remote attackers to forward packets to other VPNs, enabling flooding attacks against the destination VPN. Root...

Security Advisory - VRF Hopping Vulnerability in Multiple Routers

A VPN routing and forwarding VRF hopping vulnerability exists in Huawei routers. The routers do not strictly check received MPLS forwarding packets, and an attacker may exploit this vulnerability to forward crafted packets to MPLS links, which leads to flood attacks against the destination VPN...