3Com Baseline Switch 2848-SFP Plus Lets Remote Users Deny Service With Specially Crafted DHCP Packets
|
|
SecurityTracker Alert ID: 1015997
|
|
SecurityTracker URL: http://securitytracker.com/id?1015997
|
|
CVE Reference: GENERIC-MAP-NOMATCH
(Links to External Site)
|
Date: Apr 26 2006
|
Impact: Denial of service via network
|
Fix Available: Yes
Vendor Confirmed: Yes
|
Version(s): Switch 2848-SFP Plus; prior to release 1.0.2.0
|
Description: A vulnerability was reported in 3Com Baseline Switch 2848-SFP Plus. A remote user can cause denial of service conditions.
A remote user can send specially crafted DHCP packet that is larger than 342 bytes to cause the target switch to become unstable.
|
Impact: A remote user can cause denial of service conditions.
|
Solution: The vendor has issued a fixed version (Switch 2848-SFP Plus Release 1.0.2.0).
The vendor's advisory is available at:
http://support.3com.com/infodeli/tools/switches/baseline/3C16486_V1_0_2_0_readme.pdf
|
Vendor URL: www.3com.com/ (Links to External Site)
|
Cause: Boundary error, Input validation error
|
|
Message History:
None.
|
Source Message Contents
|
Date: Wed, 26 Apr 2006 00:46:02 -0400
Subject: 3Com Baseline Switch 2848-SFP Plus
|
http://support.3com.com/infodeli/tools/switches/baseline/3C16486_V1_0_2_0_readme.pdf
> Loss of IP Management
> DHCP packets that exceed 342 bytes in length may cause the switch to become
> unstable. This has been fixed in this release of code.
|
|
