Rechercher
Contactez-nous Suivez-nous sur Twitter En francais English Language
 

Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN

Vulnérabilités

Unsubscribe

Vigil@nce: 3Com OfficeConnect, denial of service

December 2009 by Vigil@nce

SYNTHESIS OF THE VULNERABILITY

An attacker can send a malformed HTTP query, in order to stop the
3Com OfficeConnect ADSL Wireless 11g Firewall Router product.

Severity: 1/4

Consequences: denial of service of service

Provenance: intranet client

Means of attack: 1 attack

Ability of attacker: technician (2/4)

Confidence: unique source (2/5)

Diffusion of the vulnerable configuration: high (3/3)

Creation date: 22/12/2009

IMPACTED PRODUCTS

 3Com OfficeConnect modem

DESCRIPTION OF THE VULNERABILITY

The 3Com OfficeConnect ADSL Wireless 11g Firewall Router product
has a web administration interface, which requires an HTTP
authentication:
Authorization: Basic base64(login:pass)

However, if an attacker uses an authentication method different
from Basic, the router stops.

An attacker can therefore send a malformed HTTP query, in order to
stop the 3Com OfficeConnect ADSL Wireless 11g Firewall Router
product.

CHARACTERISTICS

Identifiers: BID-37421, VIGILANCE-VUL-9309

http://vigilance.fr/vulnerability/3Com-OfficeConnect-denial-of-service-9309


See previous articles

    

See next articles


Your podcast Here

New, you can have your Podcast here. Contact us for more information ask:
Marc Brami
Phone: +33 1 40 92 05 55
Mail: ipsimp@free.fr

All new podcasts