Bugtraq mailing list archives
Re: 3com hiperarch flaw [hiperbomb.c]
From: mike () COREDUMP AE USR COM (Mike Wronski)
Date: Mon, 16 Aug 1999 13:50:02 -0500
3Com acknowledges and has verified the existence of the hiperbomb DOS attack.
All HiPer ARC software (4.0 - 4.2.29) is vulnerable to the attack. The
following workaround will protect your equipment until the software patch
becomes available.

Defect is logged under 3Com MR#11022.

It is possible to add a telnet access list of trusted hosts on the HiPer ARC.
It can be assumed that the attack will not come from a trusted host. It is
also recommended that you do not allow any telnet sessions from outside your
network.

To add a telnet access list:

1) Add telnet clients. These clients may be individual hosts or networks.

   "ADD TELNET CLIENT X.X.X.X"

   "LIST TELNET CLIENTS" will list all configured clients.

2) Enable the telnet client access list feature.

   "ENABLE TELNET CLIENT_ACCESS"

A follow up post will be made when the patched code is made available.

This workaround can also be found on the 3Com Knowledge Base (3KB) at
http://knowledgebase.3com.com/ under document ID: 2.0.2107762.2279004

---------------------------------------------------------
Mike Wronski (mike () coredump ae usr com)
Sr. 3Com Network Systems Engineer / BETA Engineer
PGP:http://coredump.ae.usr.com/pgp

|-----Original Message-----
|From: Bugtraq List [mailto:BUGTRAQ () SECURITYFOCUS COM]On Behalf Of
|Jonathan Chapman
|Sent: Thursday, August 12, 1999 5:11 PM
|To: BUGTRAQ () SECURITYFOCUS COM
|Subject: 3com hiperarch flaw [hiperbomb.c]
|
|
|Hello,
|
|The attached program will reboot a 3com HiperARC. I made an attempt to
|contact 3com before posting this report, however, I received no response.
|By flooding the telnet port of a 3com HiperARC using the provided program,
|the HiperARC unconditionally reboots. This program is effective over all
|interfaces, including a dialup.
|
|Regards,
|
|Jonathan Chapman
|Director of Network Security
|FIRST Incorporated
|jchapman () 1st net www.1st.net
|
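
An added example, not part of the original message or of 3Com's documentation: a Python check that audits a planned trusted-client list against the advice above (hosts or networks, nothing from outside your network) before the entries are entered with ADD TELNET CLIENT. The address ranges, the CIDR input notation and the `max_hosts` breadth threshold are assumptions made for illustration.

```python
import ipaddress

# Constructed sample data (assumptions, not taken from the message):
# the operator's own address space and a planned trusted-client list.
INTERNAL_NETS = ["10.0.0.0/8", "192.0.2.0/24"]
PLANNED_CLIENTS = ["10.1.2.3", "10.20.0.0/16", "198.51.100.7", "0.0.0.0/0", "10.1.2.3"]


def audit_telnet_clients(clients, internal_nets, max_hosts=65536):
    """Audit a planned telnet trusted-client list.

    Returns (accepted, findings):
      accepted - ip_network objects lying entirely inside internal_nets
      findings - (entry, reason) tuples for entries that should not be added
    max_hosts is a hypothetical ceiling on how large a "trusted" network may be.
    """
    internal = [ipaddress.ip_network(n) for n in internal_nets]
    accepted, findings = [], []

    def inside(net, candidates):
        # subnet_of() raises TypeError on mixed IPv4/IPv6, so compare versions first
        return any(net.version == c.version and net.subnet_of(c) for c in candidates)

    for entry in clients:
        try:
            # strict=False tolerates host bits set in a network entry
            net = ipaddress.ip_network(entry, strict=False)
        except ValueError:
            findings.append((entry, "not a valid host or network"))
            continue
        if inside(net, accepted):
            findings.append((entry, "already covered by an earlier entry"))
        elif not inside(net, internal):
            findings.append((entry, "outside your network"))
        elif net.num_addresses > max_hosts:
            findings.append((entry, "network too broad to treat as trusted"))
        else:
            accepted.append(net)
    return accepted, findings


if __name__ == "__main__":
    ok, bad = audit_telnet_clients(PLANNED_CLIENTS, INTERNAL_NETS)
    for net in ok:
        print("trusted client:", net)
    for entry, reason in bad:
        print("rejected:", entry, "-", reason)
```
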