CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
Percentile
99.6%
Huawei was notified about information released by NTP.org and CERT/CC regarding stack buffer overflow security vulnerabilities (CVE-2014-9295) in NTP daemon (ntpd) on December 19th, 2014. Multiple stack-based buffer overflows in ntpd in NTP before 4.2.8 allow remote attackers to execute arbitrary code via a crafted packet.
Multiple Huawei products have this vulnerability. ( Vulnerability ID: HWPSIRT-2014-1276)
The NVD link is: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9295
Vendor | Product | Version | CPE |
---|---|---|---|
huawei | agile_controller-campus_firmware | v100r001c00b001 | cpe:2.3:o:huawei:agile_controller-campus_firmware:v100r001c00b001:*:*:*:*:*:*:* |
huawei | dc_firmware | v100r002c01spc001 | cpe:2.3:a:huawei:dc_firmware:v100r002c01spc001:*:*:*:*:*:*:* |
huawei | esight | v200r003c01/c10 | cpe:2.3:a:huawei:esight:v200r003c01\/c10:*:*:*:*:*:*:* |
huawei | esight | v200r005c00 | cpe:2.3:a:huawei:esight:v200r005c00:*:*:*:*:*:*:* |
huawei | espace_firmware | v100r001c01lsth06spc002 | cpe:2.3:o:huawei:espace_firmware:v100r001c01lsth06spc002:*:*:*:*:*:*:* |
huawei | espace_firmware | v100r001c02/c03 | cpe:2.3:o:huawei:espace_firmware:v100r001c02\/c03:*:*:*:*:*:*:* |
huawei | espace_firmware | v100r002c01 | cpe:2.3:o:huawei:espace_firmware:v100r002c01:*:*:*:*:*:*:* |
huawei | espace_firmware | v100r001c02 | cpe:2.3:o:huawei:espace_firmware:v100r001c02:*:*:*:*:*:*:* |
huawei | fusionaccess | v100r005c10 | cpe:2.3:a:huawei:fusionaccess:v100r005c10:*:*:*:*:*:*:* |
huawei | fusionaccess | v100r005c20 | cpe:2.3:a:huawei:fusionaccess:v100r005c20:*:*:*:*:*:*:* |