[prev in list] [next in list] [prev in thread] [next in thread] 

List:       secunia-sec-adv
Subject:    [SA11716] 3Com OfficeConnect 812 ADSL Router Telnet Protocol Denial of Service
From:       Secunia Security Advisories <sec-adv () secunia ! com>
Date:       2004-05-26 16:22:09
Message-ID: 200405261622.i4QGM9Ge031955 () secunia ! com
[Download RAW message or body]


TITLE:
3Com OfficeConnect 812 ADSL Router Telnet Protocol Denial of Service

SECUNIA ADVISORY ID:
SA11716

VERIFY ADVISORY:
http://secunia.com/advisories/11716/

CRITICAL:
Less critical

IMPACT:
DoS

WHERE:
From local network

OPERATING SYSTEM:
3Com OfficeConnect 812 ADSL Router

DESCRIPTION:
iDEFENSE has reported a vulnerability in 3Com OfficeConnect Remote
812 ADSL Router, which can be exploited by malicious people to cause
a DoS (Denial of Service).

The vulnerability is caused due to an error when handling certain
Telnet traffic. This can be exploited to make the device reboot or
stop handling packets by sending a long string containing Telnet
escape sequences to the telnet port.

The vulnerability has been reported in firmware release 1.1.9.4.
Other versions may also be affected.

SOLUTION:
Restrict access to the telnet service.

PROVIDED AND/OR DISCOVERED BY:
Discovered by: Rafel Ivgi.
Reported by: iDEFENSE.

ORIGINAL ADVISORY:
http://www.idefense.com/application/poi/display?id=105&type=vulnerabilities

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.

Subscribe:
http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/


Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

----------------------------------------------------------------------

Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=secunia-sec-adv@progressive-comp.com

----------------------------------------------------------------------
[prev in list] [next in list] [prev in thread] [next in thread]