3Com HiPer Arc cards telnet flood denial of service
| 3com-hiper-telnet-dos (9872) |  Low Risk |
Description:
3Com HiPer Access Router Card (HiPerArc) cards reboot if a remote attacker sends a flood of specially constructed packets to the Telnet port.
Platforms Affected:
- 3Com, HiPerARC 4.0
- 3Com, HiPerARC 4.1
- 3Com, HiPerARC 4.2
- 3Com, HiPerARC 4.2.29
Remedy:
Install the latest firmware patch when it becomes available.
As a workaround, create a telnet access list of trusted hosts and do not allow any telnet sessions from outside your network.
To add a telnet access list:
- Add telnet clients as individual hosts or networks. Use the following command lines as a guide:
ADD TELNET CLIENT <name>
LIST TELNET CLIENTS - Enable the telnet client access list feature by typing ENABLE TELNET CLIENT_ACCESS
Consequences:
Denial of Service
References:
- BugTraq Mailing List, 1999-08-12 22:10:44, 3com hiperarch flaw [hiperbomb.c] at http://marc.theaimsgroup.com/?l=bugtraq&m=93458364903256&w=2.
- BugTraq Mailing List, 1999-08-16 18:50:02, Re: 3com hiperarch flaw [hiperbomb.c] at http://marc.theaimsgroup.com/?l=bugtraq&m=93492615408725&w=2.
- CVE-1999-1336: 3Com HiPer Access Router Card (HiperARC) 4.0 through 4.2.29 allows remote attackers to cause a denial of service (reboot) via a flood of IAC packets to the telnet port.
- OSVDB ID: 6057: 3Com HiPer Access Router Card (HiperARC) IAC Packet Flood DoS
Reported:
Aug 12, 1999
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email xforce@iss.net