Vigil@nce: 3Com OfficeConnect, two vulnerabilities
October 2009 by Vigil@nce
An attacker can use two vulnerabilities of the 3Com OfficeConnect
Firewall/Router, in order to execute commands.
Severity: 2/4
Consequences: administrator access/rights, privileged
access/rights, user access/rights
Provenance: intranet client
Means of attack: 2 attacks
Ability of attacker: beginner (1/4)
Confidence: unique source (2/5)
Diffusion of the vulnerable configuration: high (3/3)
Number of vulnerabilities in this bulletin: 2
Creation date: 20/10/2009
IMPACTED PRODUCTS
– 3Com OfficeConnect modem
DESCRIPTION OF THE VULNERABILITY
The 3Com OfficeConnect Firewall/Router can be administered via
SSH, Telnet, or a web interface. It is impacted by two
vulnerabilities.
An attacker can login via SSH/Telnet, and then dump the password
stored in a XML file. [grav:2/4]
A non authenticated attacker can use the web utility.cgi script,
in order to execute shell commands. [grav:2/4]
An attacker can therefore use two vulnerabilities of the 3Com
OfficeConnect Firewall/Router, in order to execute commands.
CHARACTERISTICS
Identifiers: BID-36722, VIGILANCE-VUL-9103
http://vigilance.fr/vulnerability/3Com-OfficeConnect-two-vulnerabilities-9103