Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

DDIVRT-2008-14 3Com Wireless 8760 Dual Radio 11a/b/g PoE Access Point Malformed HTTP POST DoS
From: "DDI_Vulnerability_Alert" <DDI.VulnerabilityAlert () ddifrontline com>
Date: Tue, 2 Sep 2008 14:52:59 -0500

Title
---------
DDIVRT-2008-14 3Com Wireless 8760 Dual Radio 11a/b/g PoE Access Point
Malformed HTTP POST DoS

Severity
--------
Medium

Date Discovered
---------------
May 20, 2008

Discovered By
-------------
Digital Defense, Inc. Vulnerability Research Team
Credit: Brandon Shilling and r () b13$

Vulnerability Description
-------------------------
The 3Com Wireless 8760 Dual Radio 11a/b/g PoE Access Point is an
enterprise-grade wireless access point.  The web management interface is
vulnerable to a DoS condition due to improper validation of malformed
HTTP POST requests.  Successful exploitation will result in a complete
DoS of the device.

Solution Description
--------------------
3Com has not addressed this issue at this time.  Digital Defense, Inc.
does not currently know of any work arounds for this flaw.

Tested Systems / Software (with versions)
------------------------------------------
Tested against 3Com Wireless 8760 Dual Radio 11a/b/g PoE Access Point,
firmware unknown.  

Vendor Contact
--------------
Name: 3Com
Website: http://www.3com.com

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


  By Date           By Thread  

Current thread:
  • DDIVRT-2008-14 3Com Wireless 8760 Dual Radio 11a/b/g PoE Access Point Malformed HTTP POST DoS DDI_Vulnerability_Alert (Sep 03)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]