Sign-up

ID

VAR-201610-0207


CVE

CVE-2016-8276


TITLE

plural Huawei USG Product software PPPoE Module buffer overflow vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2016-005100

DESCRIPTION

Buffer overflow in the Point-to-Point Protocol over Ethernet (PPPoE) module in Huawei USG2100, USG2200, USG5100, and USG5500 unified security gateways with software before V300R001C10SPC600, when CHAP authentication is configured on the server, allows remote attackers to cause a denial of service (server restart) or execute arbitrary code via crafted packets sent during authentication. HuaweiUSG2100 is a unified security gateway product of Huawei Technologies, China. A number of HuaweiUSG products have a buffer overflow vulnerability that allows remote attackers to exploit this vulnerability to submit a special request to crash an application. Multiple Huawei USG Products are prone to a buffer-overflow vulnerability because they fail to properly bounds-check user-supplied data before copying it into an insufficiently sized buffer. Attackers can exploit this issue to execute arbitrary code in the affected device. Failed exploit attempts will result in denial-of-service conditions. Point-to-Point Protocol over Ethernet (PPPoE) is a PPP protocol (point-to-point connection protocol) used in gateway products such as Huawei USG2100. The following products and versions are affected: Huawei USG2100 V300R001C00, V300R001C10; USG2200V300R001C00, V300R001C10; USG5100V300R001C00, V300R001C10;

Trust: 2.52

sources: NVD: CVE-2016-8276 // JVNDB: JVNDB-2016-005100 // CNVD: CNVD-2016-08078 // BID: 92962 // VULHUB: VHN-97096

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2016-08078

AFFECTED PRODUCTS

vendor:huaweimodel:usg2100scope:eqversion:v300r001c00

Trust: 1.6

vendor:huaweimodel:usg5500scope:eqversion:v300r001c10

Trust: 1.6

vendor:huaweimodel:usg5100scope:eqversion:v300r001c00

Trust: 1.6

vendor:huaweimodel:usg2100scope:eqversion:v300r001c10

Trust: 1.6

vendor:huaweimodel:usg5100scope:eqversion:v300r001c10

Trust: 1.6

vendor:huaweimodel:usg2200scope:eqversion:v300r001c00

Trust: 1.6

vendor:huaweimodel:usg5500scope:eqversion:v300r001c00

Trust: 1.6

vendor:huaweimodel:usg2200scope:eqversion:v300r001c10

Trust: 1.6

vendor:huaweimodel:usg2100 v300r001c00scope: - version: -

Trust: 0.9

vendor:huaweimodel:usg2100 v300r001c10scope: - version: -

Trust: 0.9

vendor:huaweimodel:usg2200 v300r001c00scope: - version: -

Trust: 0.9

vendor:huaweimodel:usg2200 v300r001c10scope: - version: -

Trust: 0.9

vendor:huaweimodel:usg5100 v300r001c00scope: - version: -

Trust: 0.9

vendor:huaweimodel:usg5100 v300r001c10scope: - version: -

Trust: 0.9

vendor:huaweimodel:usg5500 v300r001c00scope: - version: -

Trust: 0.9

vendor:huaweimodel:usg5500 v300r001c10scope: - version: -

Trust: 0.9

vendor:huaweimodel:usg2100scope: - version: -

Trust: 0.8

vendor:huaweimodel:usg2100scope:ltversion:v300r001c10spc600

Trust: 0.8

vendor:huaweimodel:usg2200scope: - version: -

Trust: 0.8

vendor:huaweimodel:usg2200scope:ltversion:v300r001c10spc600

Trust: 0.8

vendor:huaweimodel:usg5100scope: - version: -

Trust: 0.8

vendor:huaweimodel:usg5100scope:ltversion:v300r001c10spc600

Trust: 0.8

vendor:huaweimodel:usg5500scope: - version: -

Trust: 0.8

vendor:huaweimodel:usg5500scope:ltversion:v300r001c10spc600

Trust: 0.8

vendor:huaweimodel:usg5500 v300r001c10spc600scope:neversion: -

Trust: 0.3

vendor:huaweimodel:usg5100 v300r001c10spc600scope:neversion: -

Trust: 0.3

vendor:huaweimodel:usg2200 v300r001c10spc600scope:neversion: -

Trust: 0.3

vendor:huaweimodel:usg2100 v300r001c10spc600scope:neversion: -

Trust: 0.3

sources: CNVD: CNVD-2016-08078 // BID: 92962 // JVNDB: JVNDB-2016-005100 // CNNVD: CNNVD-201609-395 // NVD: CVE-2016-8276

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2016-8276
value: CRITICAL

Trust: 1.0

NVD: CVE-2016-8276
value: CRITICAL

Trust: 0.8

CNVD: CNVD-2016-08078
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201609-395
value: CRITICAL

Trust: 0.6

VULHUB: VHN-97096
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2016-8276
severity: HIGH
baseScore: 9.3
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2016-08078
severity: HIGH
baseScore: 9.3
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-97096
severity: HIGH
baseScore: 9.3
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2016-8276
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.0

Trust: 1.8

sources: CNVD: CNVD-2016-08078 // VULHUB: VHN-97096 // JVNDB: JVNDB-2016-005100 // CNNVD: CNNVD-201609-395 // NVD: CVE-2016-8276

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.9

sources: VULHUB: VHN-97096 // JVNDB: JVNDB-2016-005100 // NVD: CVE-2016-8276

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201609-395

TYPE

buffer overflow

Trust: 0.6

sources: CNNVD: CNNVD-201609-395

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2016-005100

PATCH
title:huawei-sa-20160914-01-usgurl:http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160914-01-usg-en
Trust: 0.8
title:Patches for multiple HuaweiUSG product buffer overflow vulnerabilitiesurl:https://www.cnvd.org.cn/patchInfo/show/81681
Trust: 0.6
title:Multiple Huawei USG Product Buffer Overflow Vulnerability Fixurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=64189
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2016-08078 // 
            
            
            
            JVNDB: JVNDB-2016-005100 // 
            
            
            
            CNNVD: CNNVD-201609-395

EXTERNAL IDS
db:NVDid:CVE-2016-8276
Trust: 3.4
db:BIDid:92962
Trust: 2.6
db:JVNDBid:JVNDB-2016-005100
Trust: 0.8
db:CNNVDid:CNNVD-201609-395
Trust: 0.7
db:CNVDid:CNVD-2016-08078
Trust: 0.6
db:VULHUBid:VHN-97096
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2016-08078 // 
            
            
            
            VULHUB: VHN-97096 // 
            
            
            
            BID: 92962 // 
            
            
            
            JVNDB: JVNDB-2016-005100 // 
            
            
            
            CNNVD: CNNVD-201609-395 // 
            
            
            
            NVD: CVE-2016-8276

REFERENCES
url:http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160914-01-usg-en
Trust: 2.6
url:http://www.securityfocus.com/bid/92962
Trust: 1.7
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-8276
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-8276
Trust: 0.8
url:http://www.huawei.com
Trust: 0.3
sources:
            
            
            CNVD: CNVD-2016-08078 // 
            
            
            
            VULHUB: VHN-97096 // 
            
            
            
            BID: 92962 // 
            
            
            
            JVNDB: JVNDB-2016-005100 // 
            
            
            
            CNNVD: CNNVD-201609-395 // 
            
            
            
            NVD: CVE-2016-8276

CREDITS
The vendor reported this issue.
Trust: 0.3
sources:
            
            
            BID: 92962

SOURCES
db:CNVDid:CNVD-2016-08078
db:VULHUBid:VHN-97096
db:BIDid:92962
db:JVNDBid:JVNDB-2016-005100
db:CNNVDid:CNNVD-201609-395
db:NVDid:CVE-2016-8276

LAST UPDATE DATE
2024-11-23T22:18:13.967000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2016-08078date:2016-09-26T00:00:00
db:VULHUBid:VHN-97096date:2016-10-04T00:00:00
db:BIDid:92962date:2016-09-19T14:00:00
db:JVNDBid:JVNDB-2016-005100date:2016-10-06T00:00:00
db:CNNVDid:CNNVD-201609-395date:2016-10-08T00:00:00
db:NVDid:CVE-2016-8276date:2024-11-21T02:59:03.760

SOURCES RELEASE DATE
db:CNVDid:CNVD-2016-08078date:2016-09-26T00:00:00
db:VULHUBid:VHN-97096date:2016-10-03T00:00:00
db:BIDid:92962date:2016-09-14T00:00:00
db:JVNDBid:JVNDB-2016-005100date:2016-10-06T00:00:00
db:CNNVDid:CNNVD-201609-395date:2016-09-20T00:00:00
db:NVDid:CVE-2016-8276date:2016-10-03T21:59:09.457