Signature Detail
Short Name |
DOS:NETDEV:NETWORK-3COM-DOS |
|---|---|
Severity |
High |
Recommended |
No |
Recommended Action |
Drop |
Category |
DOS |
Keywords |
3Com OfficeConnect HTTP Router Denial of Service |
Release Date |
2003/04/22 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
DOS: 3Com OfficeConnect HTTP Router Denial of Service
This signature detects attempts to exploit the firmware vulnerability in the 3COM OfficeConnect 812 and 840 DSL/ADSL routers. OCR812 versions 1.1.9 and earlier are susceptible. Attackers can remotely request long strings from the HTTP daemon, making the router reboot/power cycle and creating a denial of service (DoS).
Extended Description
OfficeConnect 812 is a DSL router manufactured by 3Com, and distributed by numerous DSL providers. OfficeConnect 812 is an integrated ADSL router with an onboard 4 port switch. A problem in the firmware included with this router could allow a Denial of Service. It is possible to reboot the router by connecting to the HTTP daemon, and requesting a long string. The router will power-cycle itself. This problem makes it possible for a remote user to deny service to legimate users of networks serviced by the router.
Affected Products
- 3Com OfficeConnect DSL Router 812 1.1.7
- 3Com OfficeConnect DSL Router 840 1.1.7
References
- BugTraq: 2721
- CVE: CVE-2001-0740
- URL: http://archives.neohapsis.com/archives/bugtraq/2001-05/0115.html