3Com Baseline Switch 2848-SFP Plus Remote Denial Of Service Vulnerability

Bugtraq ID:	17686
Class:	Failure to Handle Exceptional Conditions
CVE:
Remote:	Yes
Local:	No
Published:	Apr 25 2006 12:00AM
Updated:	May 05 2006 10:40PM
Credit:	The original discoverer of this issue is currently unknown. It was reported by the vendor.
Vulnerable:	3Com Baseline Switch 2848-SFP Plus 1.0.2
Not Vulnerable:

3Com Baseline Switch 2848-SFP Plus Remote Denial Of Service Vulnerability

3Com Baseline Switch 2848-SFP Plus is susceptible to a remote denial-of-service vulnerability. This issue is reportedly due to certain malformed traffic.

Reportedly, this issue may cause the device to crash, denying further network services to legitimate users. The vendor states that this issue causes the device to become unstable.

3Com Baseline Switch 2848-SFP Plus firmware versions prior to 1.0.2.0 are vulnerable.

3Com Baseline Switch 2848-SFP Plus Remote Denial Of Service Vulnerability

An exploit is not required.

3Com Baseline Switch 2848-SFP Plus Remote Denial Of Service Vulnerability

Solution:
The vendor has released a fix to address this issue. Please see the references for more information.


3Com Baseline Switch 2848-SFP Plus 1.0.2

• 3Com 3C16486_V1_0_2_0.exe
  http://support.3com.com/infodeli/tools/switches/baseline/3C16486_V1_0_ 2_0.exe

3Com Baseline Switch 2848-SFP Plus Remote Denial Of Service Vulnerability

References:

• 3Com Baseline Switch 2848-SFP Plus (3Com)
  
• 3Com Baseline Switch 2848-SFP Plus Release Notes (3Com)