Re: 3com hiperarch flaw [hiperbomb.c]

From: synFlood (synfloodat_private)
Date: Fri Aug 13 1999 - 23:01:10 PDT

Next message: Aleph One: "[SECURITY] New versions of cfingerd fixes root exploit"

Previous message: Jerry Carlin: "Re: Internet Auditing Project"
Maybe in reply to: Jonathan Chapman: "3com hiperarch flaw [hiperbomb.c]"
Next in thread: Charles Sprickman: "Re: 3com hiperarch flaw [hiperbomb.c]"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, Aug 12, 1999 at 06:10:44PM -0400, Jonathan Chapman wrote:
> The attached program will reboot a 3com HiperARC.  I made an attempt to
> contact 3com before posting this report, however, I received no response.
> By flooding the telnet port of a 3com HiperARC using the provided program,
> the HiperARC unconditionally reboots.  This program is effective over all
> interfaces, including a dialup.
>

Confirmed.
the problem show on an

3Com Corporation HiPer Access Router Card Built on Feb 16 1999 at 12:42:34.
System Version:                           V4.1.59

i will try to concact the Chilean 3com representatives ASAP to let them know
about that bug, lets see if 3com do something.

Regards and thanks for your information.

a possible work around is to filter telnet via the router, at least this will
fix off-site DoS...

---end quoted text---

--

SynFl00d

email : synfloodat_private
Efax Number : (815) 366-3177
ICQ : 6994327

Next message: Aleph One: "[SECURITY] New versions of cfingerd fixes root exploit"
Previous message: Jerry Carlin: "Re: Internet Auditing Project"
Maybe in reply to: Jonathan Chapman: "3com hiperarch flaw [hiperbomb.c]"
Next in thread: Charles Sprickman: "Re: 3com hiperarch flaw [hiperbomb.c]"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:56:16 PDT