Details of VAR-201306-0209

ID

VAR-201306-0209

CVE

CVE-2012-6570

TITLE

Huawei of AR Heap-based buffer overflow vulnerability in router and switch products

Trust: 0.8

sources: JVNDB: JVNDB-2012-006007

DESCRIPTION

The HTTP module in the (1) Branch Intelligent Management System (BIMS) and (2) web management components on Huawei AR routers and S2000, S3000, S3500, S3900, S5100, S5600, S7800, and S8500 switches does not check whether HTTP data is longer than the value of the Content-Length field, which allows remote HTTP servers to conduct heap-based buffer overflow attacks and execute arbitrary code via a crafted response. Huawei AR routers and Huawei S series switches are network devices of Huawei products. Attackers may be able to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service conditions. Huawei Access Router (AR) is a low-end router product developed by Huawei in China. This product provides mobile and fixed network access methods, suitable for enterprise networks

Trust: 2.7

sources: NVD: CVE-2012-6570 // JVNDB: JVNDB-2012-006007 // CNVD: CNVD-2013-08072 // BID: 60712 // IVD: e44f6a90-2352-11e6-abef-000c29c66e3d // VULHUB: VHN-59851

IOT TAXONOMY

category:	['ICS', 'Network device']	sub_category:	-	Trust: 0.6
category:	['ICS']	sub_category:	-	Trust: 0.2

sources: IVD: e44f6a90-2352-11e6-abef-000c29c66e3d // CNVD: CNVD-2013-08072

AFFECTED PRODUCTS

vendor:	huawei	model:	s2700	scope:	eq	version:	r6305	Trust: 2.4
vendor:	huawei	model:	s3300hi	scope:	eq	version:	r6305	Trust: 2.4
vendor:	huawei	model:	s3500	scope:	eq	version:	r6305	Trust: 2.4
vendor:	huawei	model:	s3700	scope:	eq	version:	r6305	Trust: 2.4
vendor:	huawei	model:	s3900	scope:	eq	version:	r6305	Trust: 2.4
vendor:	huawei	model:	s5100	scope:	eq	version:	r6305	Trust: 2.4
vendor:	huawei	model:	s5600	scope:	eq	version:	r6305	Trust: 2.4
vendor:	huawei	model:	s7800	scope:	eq	version:	r6305	Trust: 2.4
vendor:	huawei	model:	ar 18-1x	scope:	lte	version:	r0130	Trust: 1.8
vendor:	huawei	model:	ar 18-2x	scope:	lte	version:	r1712	Trust: 1.8
vendor:	huawei	model:	ar 18-3x	scope:	lte	version:	r0118	Trust: 1.8
vendor:	huawei	model:	s2000	scope:	eq	version:	r6305	Trust: 1.8
vendor:	huawei	model:	s2300	scope:	eq	version:	r6305	Trust: 1.8
vendor:	huawei	model:	s3000	scope:	eq	version:	r6305	Trust: 1.8
vendor:	huawei	model:	s3300	scope:	eq	version:	r6305	Trust: 1.8
vendor:	huawei	model:	s8500	scope:	eq	version:	r1631	Trust: 1.6
vendor:	huawei	model:	s8500	scope:	eq	version:	r1632	Trust: 1.6
vendor:	huawei	model:	ar 28\/46	scope:	lte	version:	r0311	Trust: 1.0
vendor:	huawei	model:	ar 19\/29\/49	scope:	lte	version:	r2207	Trust: 1.0
vendor:	huawei	model:	ar 19/29/49	scope:	lte	version:	r2207	Trust: 0.8
vendor:	huawei	model:	ar 28/46	scope:	lte	version:	r0311	Trust: 0.8
vendor:	huawei	model:	s8500	scope:	eq	version:	r1631 and r1632	Trust: 0.8
vendor:	huawei	model:	ar routers	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	s2000	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	s3000	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	s3500	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	s3900	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	s5100	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	s5600	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	s7800	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	s8500	scope:	-	version:	-	Trust: 0.6
vendor:	ar 18 1x	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	ar 18 2x	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	ar 18 3x	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	ar 19 29 49	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	ar 28 46	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	s2000	model:	r6305	scope:	-	version:	-	Trust: 0.2
vendor:	s2300	model:	r6305	scope:	-	version:	-	Trust: 0.2
vendor:	s2700	model:	r6305	scope:	-	version:	-	Trust: 0.2
vendor:	s3000	model:	r6305	scope:	-	version:	-	Trust: 0.2
vendor:	s3300	model:	r6305	scope:	-	version:	-	Trust: 0.2
vendor:	s3300hi	model:	r6305	scope:	-	version:	-	Trust: 0.2
vendor:	s3500	model:	r6305	scope:	-	version:	-	Trust: 0.2
vendor:	s3700	model:	r6305	scope:	-	version:	-	Trust: 0.2
vendor:	s3900	model:	r6305	scope:	-	version:	-	Trust: 0.2
vendor:	s5100	model:	r6305	scope:	-	version:	-	Trust: 0.2
vendor:	s5600	model:	r6305	scope:	-	version:	-	Trust: 0.2
vendor:	s7800	model:	r6305	scope:	-	version:	-	Trust: 0.2
vendor:	s8500	model:	r1631	scope:	-	version:	-	Trust: 0.2
vendor:	s8500	model:	r1632	scope:	-	version:	-	Trust: 0.2

sources: IVD: e44f6a90-2352-11e6-abef-000c29c66e3d // CNVD: CNVD-2013-08072 // JVNDB: JVNDB-2012-006007 // CNNVD: CNNVD-201306-406 // NVD: CVE-2012-6570

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2012-6570
value:	HIGH
Trust: 1.0
NVD:	CVE-2012-6570
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2013-08072
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201306-406
value:	CRITICAL
Trust: 0.6
IVD:	e44f6a90-2352-11e6-abef-000c29c66e3d
value:	CRITICAL
Trust: 0.2
VULHUB:	VHN-59851
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2012-6570
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2013-08072
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
IVD:	e44f6a90-2352-11e6-abef-000c29c66e3d
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2
VULHUB:	VHN-59851
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: IVD: e44f6a90-2352-11e6-abef-000c29c66e3d // CNVD: CNVD-2013-08072 // VULHUB: VHN-59851 // JVNDB: JVNDB-2012-006007 // CNNVD: CNNVD-201306-406 // NVD: CVE-2012-6570

PROBLEMTYPE DATA

problemtype:

CWE-119

Trust: 1.9

sources: VULHUB: VHN-59851 // JVNDB: JVNDB-2012-006007 // NVD: CVE-2012-6570

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201306-406

TYPE

Buffer overflow

Trust: 0.8

sources: IVD: e44f6a90-2352-11e6-abef-000c29c66e3d // CNNVD: CNNVD-201306-406

CONFIGURATIONS

sources: JVNDB: JVNDB-2012-006007

PATCH

title:	Huawei-SA-20120808-03-HTTP-Module	url:	http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-u_194361.htm	Trust: 0.8
title:	Huawei AR Router and Switch HTTP Module Header Field Handling Buffer Overflow Vulnerability Patch	url:	https://www.cnvd.org.cn/patchInfo/show/34802	Trust: 0.6

sources: CNVD: CNVD-2013-08072 // JVNDB: JVNDB-2012-006007

EXTERNAL IDS

db:	NVD	id:	CVE-2012-6570	Trust: 3.6
db:	BID	id:	60712	Trust: 1.0
db:	CNNVD	id:	CNNVD-201306-406	Trust: 0.9
db:	CNVD	id:	CNVD-2013-08072	Trust: 0.8
db:	JVNDB	id:	JVNDB-2012-006007	Trust: 0.8
db:	IVD	id:	E44F6A90-2352-11E6-ABEF-000C29C66E3D	Trust: 0.2
db:	VULHUB	id:	VHN-59851	Trust: 0.1

sources: IVD: e44f6a90-2352-11e6-abef-000c29c66e3d // CNVD: CNVD-2013-08072 // VULHUB: VHN-59851 // BID: 60712 // JVNDB: JVNDB-2012-006007 // CNNVD: CNNVD-201306-406 // NVD: CVE-2012-6570

REFERENCES

url:	http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-u_194361.htm	Trust: 2.6
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-6570	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-6570	Trust: 0.8
url:	http://www.huawei.com/	Trust: 0.3

sources: CNVD: CNVD-2013-08072 // VULHUB: VHN-59851 // BID: 60712 // JVNDB: JVNDB-2012-006007 // CNNVD: CNNVD-201306-406 // NVD: CVE-2012-6570

CREDITS

Felix Lindner of Recurity Labs GmbH

Trust: 0.3

sources: BID: 60712

SOURCES

db:	IVD	id:	e44f6a90-2352-11e6-abef-000c29c66e3d
db:	CNVD	id:	CNVD-2013-08072
db:	VULHUB	id:	VHN-59851
db:	BID	id:	60712
db:	JVNDB	id:	JVNDB-2012-006007
db:	CNNVD	id:	CNNVD-201306-406
db:	NVD	id:	CVE-2012-6570

LAST UPDATE DATE

2024-08-14T15:14:04.722000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2013-08072	date:	2013-06-25T00:00:00
db:	VULHUB	id:	VHN-59851	date:	2013-06-21T00:00:00
db:	BID	id:	60712	date:	2015-03-19T08:38:00
db:	JVNDB	id:	JVNDB-2012-006007	date:	2013-06-24T00:00:00
db:	CNNVD	id:	CNNVD-201306-406	date:	2013-06-21T00:00:00
db:	NVD	id:	CVE-2012-6570	date:	2013-06-21T04:00:00

SOURCES RELEASE DATE

db:	IVD	id:	e44f6a90-2352-11e6-abef-000c29c66e3d	date:	2013-06-25T00:00:00
db:	CNVD	id:	CNVD-2013-08072	date:	2013-06-25T00:00:00
db:	VULHUB	id:	VHN-59851	date:	2013-06-20T00:00:00
db:	BID	id:	60712	date:	2013-06-20T00:00:00
db:	JVNDB	id:	JVNDB-2012-006007	date:	2013-06-24T00:00:00
db:	CNNVD	id:	CNNVD-201306-406	date:	2013-06-21T00:00:00
db:	NVD	id:	CVE-2012-6570	date:	2013-06-20T15:55:00.967