Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
Huawei Data Communication: IPv6 Neighbor Discovery Crafted Packet Denial of Service Vulnerability (huawei-sa-20170118-01-ipv6)
Information
Severity
Severity
Family
Family
CVSSv2 Base
CVSSv2 Base
CVSSv2 Vector
CVSSv2 Vector
Solution Type
Solution Type
Created
Created
Modified
Modified
Summary
There is a vulnerability in the IP Version 6 (IPv6) Neighbor Discovery packet process of multiple products.
Insight
Insight
There is a vulnerability in the IP Version 6 (IPv6) Neighbor Discovery packet process of multiple products, successful exploit could allow an unauthenticated, remote attacker to cause an affected device to start dropping legitimate IPv6 neighbors as legitimate ND times out, leading to a denial of service (DoS). (Vulnerability ID: HWPSIRT-2016-06012)This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2016-1409.Huawei has released software updates to fix this vulnerability. This advisory is available in the linked references.
Affected Software
Affected Software
AR120& AR150& AR160& AR200& AR500& AR510& AR1200& AR2200& AR3200& AR3600 versions V200R005C00 V200R006C00 V200R006C10 V200R007C00 CloudEngine 12800 versions V100R001C00 V100R001C01 V100R002C00 V100R003C00 V100R003C10 V100R005C00 V100R005C10 V100R006C00 CloudEngine 5800 versions V100R001C00 V100R001C01 V100R002C00 V100R003C00 V100R003C10 V100R005C00 V100R005C10 V100R006C00 CloudEngine 6800 versions V100R001C00 V100R001C01 V100R002C00 V100R003C00 V100R003C10 V100R005C00 V100R005C10 V100R006C00 CloudEngine 7800 versions V100R003C00 V100R003C10 V100R005C00 V100R005C10 V100R006C00 CloudEngine 8800 versions V100R006C00 S12700 versions V200R005C00 V200R006C00 V200R007C00 V200R008C00 V200R009C00 S2300 versions V100R006C05 S2700 versions V100R006C05 S3300 versions V100R006C05 S3700 versions V100R006C05 S5300 versions V200R002C00 V200R005C00 V200R006C00 V200R007C00 V200R008C00 V200R009C00 S5700 versions V200R002C00 V200R003C00 V200R005C00 V200R006C00 V200R007C00 V200R008C00 V200R009C00 S6300 versions V200R002C00 V200R003C00 V200R005C00 V200R007C00 V200R008C00 V200R009C00 S6700 versions V200R002C00 V200R003C00 V200R005C00 V200R007C00 V200R008C00 V200R009C00 S7700 versions V200R002C00 V200R003C00 V200R005C00 V200R006C00 V200R007C00 V200R008C00 V200R009C00 S9300 versions V200R002C00 V200R003C00 V200R005C00 V200R006C00 V200R007C00 V200R008C00 V200R009C00 S9700 versions V200R002C00 V200R003C00 V200R005C00 V200R006C00 V200R007C00 V200R008C00 V200R009C00
Detection Method
Detection Method
Checks if a vulnerable version is present on the target host.
Solution
Solution
See the referenced vendor advisory for a solution.