Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 =========================================================================== AUSCERT Security Bulletin ASB-2014.0012 A vulnerability has been identified in Huawei's Eudemon 8000E firewall prior to version V200R001C01SPC900. 31 January 2014 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Huawei Eudemon 8000E Operating System: Network Appliance Impact/Access: Denial of Service -- Remote/Unauthenticated Resolution: Patch/Upgrade Member content until: Sunday, March 2 2014 OVERVIEW A vulnerability has been identified in Huawei's Eudemon8000E firewall prior to version V200R001C01SPC900. IMPACT The vendor has given the following information: "Huawei Eudemon8000E firewall allows users to log in to the device using Telnet or SSH. When an attacker sends to the device a mass of TCP packets with special structure, the logging process become slowly and users may be unable to log in to the device (HWNSIRT-2014-0101)." [1] MITIGATION Huawei recommends upgrading the device to the latest firmware. REFERENCES [1] Security Advisory-DoS Vulnerability in Eudemon8000E http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-325385.htm AusCERT has made every effort to ensure that the information contained in this document is accurate. However, the decision to use the information described is the responsibility of each user or organisation. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBUusOMxLndAQH1ShLAQIVqw//agH07+j3XKpyAr3ltszjTAhCH2d2VRSC k6qT9TAAQyjK4kssKRV71s2d8crdoUTRID+0/o79u5WBzzTZLJiGRCL8PkeVnZ1X LzVdlbdiCZ2VvLq61eSGFG+rZbpAGfnd2T2+isdFRu41CqDAWvEW8KCHv9YAsmoO xx8osqZIv8a9tuYj2OiaPpjLXt4DawfBRn6Qu2hRH7JdSGu+XY1Kh4RKE5RP424A H7zkNbyZY+uE5m5rPKNAfxqbzm2UrUD2yS6HGCP5BgqUbfLXOdb2o+2MRqn2aD3S tl7Qg3mqYvA22jaY86Sj+dh5v6YWt2DfKBbFKrsW7t6KdkaduKT2ZeADDTbMEpnG tINj4UGZ5yW8dGTa7zB7hknVbR+zqzcKJDQHYrhUFqeb/FvMfEvI5jjaLnuzS3H7 KttxOZVtW+QUwGC6MxkEWhoQlVnJ79YfuXzZEG0KbZfW30mTriicEcVeeoabcsWx UQ3lB88ZTWDabtG0f1YC8JS6bvFZv27BKku+QsOx7cY7ms7YK38Bes8eqb2cnhdC VLZAMK/uPQnW3vE/4uhQi6Rs49sT/i7RMiknSxsLKvURhZk7wQr+10NAXoMTbSvb ekaxvMrfOH5b8FWKU00mRZBtNzcGhlv8J/d/emgAyTFTmOoypHkX1OjpnW9EQ0Ox S3nL8sIdK3c= =wjUS -----END PGP SIGNATURE-----