Re: USR Netserver 8/16 vulnarable to nestea attack

[gino () BIOHAZARD COM (Chris)]

I talked to 3com on the phone today and they told me that the message would
be forwarded. I tested nestea on my netserver 16/I-modem plus running
version 4.1.82 and it locked up. the callers were still connected to the
netserver itself, but i did not get a ping reply.

-----Original Message-----
From: Patrick Oonk <patrick () pine nl>
To: BUGTRAQ () netspace org <BUGTRAQ () netspace org>
Date: Tuesday, October 27, 1998 2:47 PM
Subject: Re: USR Netserver 8/16 vulnarable to nestea attack


> > -----Original Message-----
> > From: Bugtraq List [mailto:BUGTRAQ () NETSPACE ORG]On Behalf Of Vesselin
> > Mladenov
> > Sent: Monday, October 26, 1998 7:51 PM
> > To: BUGTRAQ () NETSPACE ORG
> > Subject: USR Netserver 8/16 vulnarable to nestea attack
> >
> >
> > Three days ago I found out that USR Netserver 8/16 V.34, running version
> > 2.0.14 OS is vulnerable to nestea DoS attack (for more info lookup in
> > http://www.rootshell.com).
>
>
> This is what I got from 3COM.
>
> I didn't hear about this problem but one thing is for sure.
> The first MP series are based on the ComOs from Livingston. This contract
> will be over end of this year so we build our own code which is fully
> compatible. Trails were out for 1 year. This code pilgrim code is now
> stable. the Netserver code we distribute is the 4.x (NetServer ISDN 8/16).
> Please check the http://totalservice.usr.com for latest release notes.