3com-HiPer-arc.txt

1999-08-17T00:00:00
ID PACKETSTORM:15075
Type packetstorm
Reporter Packet Storm
Modified 1999-08-17T00:00:00

Description

                                        
                                            `Date: Fri, 25 Dec 1998 16:01:36 +0100  
From: Olaf Selke <Olaf.Selke@MEDIAWAYS.NET>  
Reply-To: Bugtraq List <BUGTRAQ@netspace.org>  
To: BUGTRAQ@netspace.org  
Subject: 3Com HiPer ARC vulnerable to nestea attack  
  
We found 3Com's HiPer ARCs running system version 4.1.11  
being vulnerable to the nestea DoS attack. The cards simply  
crash and reboot.  
  
  
The multi DoS tool targa v1.1  
http://www.rootshell.com/archive-j457nxiqi3gq59dv/199806/targa.c.html  
started with the nestea option can be used for demonstration.  
  
  
*sigh* As already mentioned on Bugtraq in the past, 3Com/USR's IP  
stacks are not very resistant against this specific kind of DoS attack:  
  
NetServer card: http://geek-girl.com/bugtraq/1998_4/0198.html  
PalmPilot: http://geek-girl.com/bugtraq/1998_2/0138.html  
  
  
>From my experiences 3Com has fixed this bug in the recent Total Control  
NetServer card code base. Apparently it was re-introduced by the HiPer ARC.  
  
Olaf  
--  
Olaf Selke, olaf.selke@mediaways.net, voice +49 5241 80-7069  
  
`