CVE-2016-4576 Information

Description

Buffer overflow in the Application Specific Packet Filtering (ASPF) functionality in the Huawei IPS Module NGFW Module NIP6300 NIP6600 Secospace USG6300 USG6500 USG6600 USG9500 and AntiDDoS8000 devices with software before V500R001C20SPC100 allows remote attackers to cause a denial of service or execute arbitrary code via a crafted packet related to \illegitimate parameters.\

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Reference

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160511-01-aspf-en http://www.securityfocus.com/bid/90530

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

HIGH

Availability Impact

HIGH

Base Score

HIGH

Base Severity

9.8