Re: 3Com's TippingPoint Denial of Service

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Re: 3Com's TippingPoint Denial of Service
From: Secure@xxxxxxxx
Date: Wed, 25 Apr 2007 15:00:05 -0700
Cc: mike20061005@xxxxxxxxxxxxx
In-reply-to: <54055.196.30.118.76.1177449874.squirrel@xxxxxxxxxxxxxxxxxx>
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm
Sender: Brian_Schafer@xxxxxxxx

TippingPoint is committed to assuring the security of our customers, and 
we take all reports of potential security issues against our products very 
seriously. 

Even though this report seems less than credible, we would encourgage the 
author of this "advisory" to contact us directly and provide us with 
additional details and sources to allow us to investigate this claim. 
All though there seems to be limited to no information available on how 
this apparent "Denial of Service" would be carried out, we've  put our 
resources towards attempting to reproduce the issue, and all versions of 
our TOS have performed as expected with no DoS emerging. 

Again, if the poster of this advisory has additional information available 
that would allow us to successfully reproduce these claims, we would 
appreciate if it was submitted to us for investigation. 
Submissions can be made to secure@xxxxxxxx or on the web at 
www.3com.com/security.
 
Kind Regards, 
TippingPoint Security Response Team




mike20061005@xxxxxxxxxxxxx 
04/24/2007 02:24 PM

To
bugtraq@xxxxxxxxxxxxxxxxx
cc

Subject
3Com's TippingPoint Denial of Service






Vulnerability:       Denial of Service
Affected Product:    3Com's TippingPoint IPS
Affected Versions:   All

Author:              Corroded_Lunchmeats_X



Issue:
======

TippingPoint IPS is prone to DoS when a sequence of crafted packets are
destined for port 80.



Details:
========

When quickly flooded with packets destined for port 80, and an 
incrementing
source port this causes the software to consume a huge amount of CPU time,
due to a badly written loop, causing the device to stop responding.



Credits:
========

The Kinders Kricket Krew, Aunty_Richard, The dinosaurs who died in the
explosion.



Disclaimer:
===========

This  document and all the information it contains are provided "as is",
for educational purposes only, without warranty  of  any  kind,  whether
express or implied.

The  authors reserve the right not to be responsible for the topicality,
correctness, completeness or quality of  the  information   provided  in
this  document.  Liability  claims regarding damage caused by the use of
any information provided, including any kind  of  information  which  is
incomplete or incorrect, will therefore be rejected.



-------------------------------------------
South Africas premier free email service - www.webmail.co.za 
------------------------------------------------------------------
For super low premiums, click here http://www.webmail.co.za/dd.pwm

References:
- 3Com's TippingPoint Denial of Service
  - From: mike20061005

Prev by Date: download engine V1.4.1 >> RFI (local)
Next by Date: CFP: 3rd European Conference on Computer Network Defense (EC2ND)
Previous by thread: Re: 3Com's TippingPoint Denial of Service
Next by thread: Re: 3Com's TippingPoint Denial of Service
Index(es):
- Date
- Thread