CVE-2014-4706
https://notcve.org/view.php?id=CVE-2014-4706
Huawei Campus S3700HI with software V200R001C00SPC300; Campus S5700 with software V200R002C00SPC100; Campus S7700 with software V200R003C00SPC300,V200R003C00SPC500; LSW S9700 with software V200R001C00SPC300,V200R003C00SPC300,V200R003C00SPC500; S2350 with software V200R003C00SPC300; S2750 with software V200R003C00SPC300; S5300 with software V200R001C00SPC300,V200R002C00SPC100,V200R003C00SPC300; S5700 with software V200R001C00SPC300,V200R003C00SPC300; S6300 with software V200R001C00SPC300,V200R002C00SPC100,V200R003C00SPC300; S6700 S3300HI with software V200R001C00SPC300,V200R002C00SPC100,V200R003C00SPC300; S7700 with software V200R001C00SPC300; S9300 with software V200R001C00SPC300,V200R003C00SPC300,V200R003C00SPC500; S9300E with software V200R003C00SPC300,V200R003C00SPC500 allow attackers to keep sending malformed packets to cause a denial of service (DoS) attack, aka a heap overflow. Huawei Campus S3700HI con software V200R001C00SPC300; Campus S5700 con software V200R002C00SPC100; Campus S7700 con software V200R003C00SPC300,V200R003C00SPC500; LSW S9700 con software V200R001C00SPC300,V200R003C00SPC300,V200R003C00SPC500; S2350 con software V200R003C00SPC300; S2750 con software V200R003C00SPC300; S5300 con software V200R001C00SPC300,V200R002C00SPC100,V200R003C00SPC300; S5700 con software V200R001C00SPC300,V200R003C00SPC300; S6300 con software V200R001C00SPC300,V200R002C00SPC100,V200R003C00SPC300; S6700 S3300HI con software V200R001C00SPC300,V200R002C00SPC100,V200R003C00SPC300; S7700 con software V200R001C00SPC300; S9300 con software V200R001C00SPC300,V200R003C00SPC300,V200R003C00SPC500; S9300E con software V200R003C00SPC300,V200R003C00SPC500 permiten a atacantes seguir enviando paquetes mal formado para provocar un ataque de denegación de servicio (DoS), también conocido como desbordamiento de memoria dinámica. • http://www.huawei.com/en/psirt/security-advisories/hw-343218 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2015-1460
https://notcve.org/view.php?id=CVE-2015-1460
Huawei Quidway switches with firmware before V200R005C00SPC300 allows remote attackers to gain privileges via a crafted packet. Los switches Huawei Quidway con firmware anterior a V200R005C00SPC300 permiten a atacantes remotos ganar privilegios a través de un paquete manipulado. • http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-411975.htm • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2014-4190
https://notcve.org/view.php?id=CVE-2014-4190
Multiple heap-based buffer overflows in Huawei Campus Series Switches S3700HI, S5700, S6700, S3300HI, S5300, S6300, S9300, S7700, and LSW S9700 with software V200R001 before V200R001SPH013; S5700, S6700, S5300, and S6300 with software V200R002 before V200R002SPH005; S7700, S9300, S9300E, S5300, S5700, S6300, S6700, S2350, S2750, and LSW S9700 with software V200R003 before V200R003SPH005; and S7700, S9300, S9300E, and LSW S9700 with software V200R005 before V200R005C00SPC300 allow remote attackers to cause a denial of service (device restart) via a crafted length field in a packet. Múltiples desbordamiento de buffer basado en memoria dinámica en Huawei Campus Series Switches S3700HI, S5700, S6700, S3300HI, S5300, S6300, S9300, S7700 y LSW S9700 con software V200R001 anterior a V200R001SPH013; S5700, S6700, S5300 y S6300 con software V200R002 anterior a V200R002SPH005; S7700, S9300, S9300E, S5300, S5700, S6300, S6700, S2350, S2750 y LSW S9700 con software V200R003 anterior a V200R003SPH005; y S7700, S9300, S9300E y LSW S9700 con software V200R005 anterior a V200R005C00SPC300 permiten a atacantes remotos causar una denegación de servicio (reinicio de dispositivo) a través de un campo de longitud manipulado en un paquete. • http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-343218.htm http://www.securityfocus.com/bid/67907 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •