CVE-2016-6669: Buffer Overflow
First published: Thu Sep 22 2016(Updated: )
Buffer overflow in the Authentication, Authorization and Accounting (AAA) module in Huawei USG2100, USG2200, USG5100, and USG5500 unified security gateways with software before V300R001C10SPC600 allows remote authenticated RADIUS servers to execute arbitrary code by sending a crafted EAP packet.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Huawei Usg2100 Firmware | <=v300r001c00 | |
| Huawei Usg2100 Firmware | <=v300r001c10 | |
| Huawei Usg2200 Firmware | <=v300r001c00 | |
| Huawei Usg2200 Firmware | <=v300r001c10 | |
| Huawei Usg5100 Firmware | <=v300r001c00 | |
| Huawei Usg5100 Firmware | <=v300r001c10 | |
| Huawei Usg5500 Firmware | <=v300r001c00 | |
| Huawei Usg5500 Firmware | <=v300r001c10 | |
| Huawei USG2100 | ||
| Huawei Usg2200 | ||
| Huawei Usg5100 | ||
| Huawei USG5500 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-index
- agent/weakness
- agent/references
- agent/severity
- agent/author
- agent/tags
- agent/type
- agent/event
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- vendor/huawei
- canonical/huawei usg2100 firmware
- version/huawei usg2100 firmware/v300r001c00
- version/huawei usg2100 firmware/v300r001c10
- canonical/huawei usg2200 firmware
- version/huawei usg2200 firmware/v300r001c00
- version/huawei usg2200 firmware/v300r001c10
- canonical/huawei usg5100 firmware
- version/huawei usg5100 firmware/v300r001c00
- version/huawei usg5100 firmware/v300r001c10
- canonical/huawei usg5500 firmware
- version/huawei usg5500 firmware/v300r001c00
- version/huawei usg5500 firmware/v300r001c10
- canonical/huawei usg2100
- canonical/huawei usg2200
- canonical/huawei usg5100
- canonical/huawei usg5500