CVE-2016-4577

Buffer overflow in the Smart DNS functionity in the Huawei NGFW Module and Secospace USG6300, USG6500, USG6600, and USG9500 firewalls with software before V500R001C20SPC100 allows remote attackers to cause a denial of service or execute arbitrary code via a crafted packet, related to "illegitimate parameters."

Source: CVE-2016-4577

CVE-2016-4576 (ips_module_firmware, ngfw_module_firmware, nip6300_firmware, nip6600_firmware, secospace_antiddos8000_firmware, secospace_usg6300_firmware, secospace_usg6500_firmware, secospace_usg6600_firmware, usg9500_firmware)

Buffer overflow in the Application Specific Packet Filtering (ASPF) functionality in the Huawei IPS Module, NGFW Module, NIP6300, NIP6600, Secospace USG6300, USG6500, USG6600, USG9500, and AntiDDoS8000 devices with software before V500R001C20SPC100 allows remote attackers to cause a denial of service or execute arbitrary code via a crafted packet, related to "illegitimate parameters."

Source: CVE-2016-4576 (ips_module_firmware, ngfw_module_firmware, nip6300_firmware, nip6600_firmware, secospace_antiddos8000_firmware, secospace_usg6300_firmware, secospace_usg6500_firmware, secospace_usg6600_firmware, usg9500_firmware)

CVE-2016-4576

Buffer overflow in the Application Specific Packet Filtering (ASPF) functionality in the Huawei IPS Module, NGFW Module, NIP6300, NIP6600, Secospace USG6300, USG6500, USG6600, USG9500, and AntiDDoS8000 devices with software before V500R001C20SPC100 allows remote attackers to cause a denial of service or execute arbitrary code via a crafted packet, related to "illegitimate parameters."

Source: CVE-2016-4576

CVE-2016-4087 (s12700_firmware, s5700_firmware)

Huawei S12700 switches with software before V200R008C00SPC500 and S5700 switches with software before V200R005SPH010, when the debug switch is enabled, allows remote attackers to cause a denial of service or execute arbitrary code via crafted DNS packets.

Source: CVE-2016-4087 (s12700_firmware, s5700_firmware)

CVE-2016-4087

Huawei S12700 switches with software before V200R008C00SPC500 and S5700 switches with software before V200R005SPH010, when the debug switch is enabled, allows remote attackers to cause a denial of service or execute arbitrary code via crafted DNS packets.

Source: CVE-2016-4087

CVE-2016-4049 (leap, opensuse, quagga)

The bgp_dump_routes_func function in bgpd/bgp_dump.c in Quagga does not perform size checks when dumping data, which might allow remote attackers to cause a denial of service (assertion failure and daemon crash) via a large BGP packet.

Source: CVE-2016-4049 (leap, opensuse, quagga)

CVE-2016-4049

The bgp_dump_routes_func function in bgpd/bgp_dump.c in Quagga does not perform size checks when dumping data, which might allow remote attackers to cause a denial of service (assertion failure and daemon crash) via a large BGP packet.

Source: CVE-2016-4049

CVE-2016-4037 (fedora, qemu)

The ehci_advance_state function in hw/usb/hcd-ehci.c in QEMU allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) via a circular split isochronous transfer descriptor (siTD) list, a related issue to CVE-2015-8558.

Source: CVE-2016-4037 (fedora, qemu)

CVE-2016-4037

The ehci_advance_state function in hw/usb/hcd-ehci.c in QEMU allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) via a circular split isochronous transfer descriptor (siTD) list, a related issue to CVE-2015-8558.

Source: CVE-2016-4037

CVE-2016-4001 (fedora, qemu)

Buffer overflow in the stellaris_enet_receive function in hw/net/stellaris_enet.c in QEMU, when the Stellaris ethernet controller is configured to accept large packets, allows remote attackers to cause a denial of service (QEMU crash) via a large packet.

Source: CVE-2016-4001 (fedora, qemu)