3Com TippingPoint IPS Remote Denial Of Service Vulnerability

Bugtraq ID:	23644
Class:	Failure to Handle Exceptional Conditions
CVE:
Remote:	Yes
Local:	No
Published:	Apr 25 2007 12:00AM
Updated:	Apr 26 2007 03:20AM
Credit:	Corroded_Lunchmeats_X <[email protected]> reported this issue.
Vulnerable:	3Com TippingPoint IPS 0
Not Vulnerable:

3Com TippingPoint IPS Remote Denial Of Service Vulnerability

3Com TippingPoint IPS is prone to a remote denial-of-service vulnerability. This issue occurs when handling a large number packets destined for port 80.

A successful attack will cause CPU processes to be consumed on devices running the affected software. This will cause the device to stop responding after a certain period of time, denying service to legitimate users.

3Com TippingPoint IPS Remote Denial Of Service Vulnerability

An attacker can exploit this issue using readily available network tools.

3Com TippingPoint IPS Remote Denial Of Service Vulnerability

Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].

3Com TippingPoint IPS Remote Denial Of Service Vulnerability

References:

• TippingPoint IPS Product Page (3Com)
  
• 3Com's TippingPoint Denial of Service (Corroded_Lunchmeats_X)
  
• Re: 3Com's TippingPoint Denial of Service (3com)