UTPS is the back-end application software that runs on the PC to manage the data card. It handles configuration and dial-up connection of the data card, sending and receiving of instant messages, telephone directory management and the like. The current product has a vulnerability:
The UTPS1.0 back-end does not fully verify the incoming parameters when copying character strings during the process of uploading the plug-in configuration files, which leads to an overflow (HWNSIRT-2012-0994). As a result, a script specified by a malicious user may be executed to run an application program specified by that user.
This vulnerability was first reported by Souhail Hammou (Dark-Puzzle). Huawei would like to thank Souhail Hammou for his findings and his continued attention to Huawei products.
Currently, workarounds are available and are listed below. Huawei has also made a version plan to resolve this vulnerability. The affected products below can deploy the workarounds to mitigate the risks, or be upgraded to the versions below:
| Product Model | Back-End Version | Solved Version | Solved Time |
|---|---|---|---|
| E173u-1 | UTPS11.302.09.06.162 | UTPS21.005.22.00.162_MAC21 | 2012-9-26 |
| E153u-1 | UTPS11.302.09.05.162 | UTPS21.005.15.06.162_MAC21 | 2012-9-26 |
The other affected products can deploy the workarounds to mitigate the risks; no new version or patch will be released for them.
The vulnerability classification has been performed by using the CVSSv2 scoring system (http://www.first.org/cvss/).
Base Score: 6.9 (AV:L/AC:M/Au:N/C:C/I:C/A:C)
Temporal Score: 6.2 (E:F/RL:W/RC:C)
The back-end does not fully verify the incoming parameters when copying character strings during the process of uploading the plug-in configuration files; the strings are not checked before they are copied. If a long character string is saved in the configuration files, the copy overflows the target buffer:
1. Prerequisite: The attacker obtains local user privileges.
2. Attacking procedure: The configuration file is modified so that a long character string is saved in the specified attribute. Executing the program then overflows the target buffer.
3. Impact: Malicious users may exploit the vulnerability to run programs they specify.

Windows users can upgrade the operating system to Windows XP SP3 directly, or download UTPS2.0 from our web site, to address the vulnerability.
1. Users of Windows XP SP1 can visit the Microsoft web site to install the Windows XP SP3 patch.
2. Users of higher operating system versions are not affected.
http://www.huaweidevice.com/
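The unchecked string copy described in the technical details above, shown from the fixing side as an added example (not Huawei's code): a loader that measures a configuration attribute before copying it and rejects oversized values. The `key=value` line format, the `PluginName` attribute, and the 64-byte buffer are assumptions, since the advisory does not publish the file format.

```c
#include <stdio.h>
#include <string.h>

#define ATTR_MAX 64   /* assumed size of the destination buffer */

enum { ATTR_OK = 0, ATTR_MISSING = -1, ATTR_TOO_LONG = -2 };

/*
 * Copy the value of a "key=value" configuration line into dst.
 * The unsafe pattern the advisory describes is an unchecked copy such as
 *     strcpy(dst, value);
 * where the value length is set by whoever can edit the file.
 * Here the length is measured first and an oversized value is rejected
 * rather than truncated, so a tampered file is refused, not half-loaded.
 */
int load_attr(const char *line, const char *key, char *dst, size_t dst_size)
{
    size_t key_len = strlen(key);
    const char *value;
    size_t value_len;

    if (dst_size == 0)
        return ATTR_TOO_LONG;
    dst[0] = '\0';                        /* never leave dst uninitialised */

    if (strncmp(line, key, key_len) != 0 || line[key_len] != '=')
        return ATTR_MISSING;

    value = line + key_len + 1;
    value_len = strcspn(value, "\r\n");   /* value ends at end of line */

    if (value_len >= dst_size)            /* keep room for the terminator */
        return ATTR_TOO_LONG;

    memcpy(dst, value, value_len);
    dst[value_len] = '\0';
    return ATTR_OK;
}

int main(void)
{
    char name[ATTR_MAX];
    char tampered[400] = "PluginName=";             /* constructed sample input */
    memset(tampered + strlen(tampered), 'A', 300);  /* remainder stays zeroed */

    printf("%d\n", load_attr("PluginName=Dialer\r\n", "PluginName", name, sizeof name));
    printf("%d\n", load_attr(tampered, "PluginName", name, sizeof name));
    return 0;
}
```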
For security problems about Huawei products and solutions, please contact PSIRT@huawei.com.
For general problems about Huawei products and solutions, please directly contact Huawei TAC (Huawei Technical Assistance Center) to request the configuration or technical assistance.
22nd Sep, 2012 V1.0 INITIAL
22nd Feb, 2013 V2.0 UPDATED Updated the vulnerability researcher name.