[NEWS] 3Com Home Connect Cable Modem Vulnerable to Denial of Service
From: support@securiteam.comDate: 10/01/01
- Previous message: support@securiteam.com: "[NT] Vulnerability in Amtote International Homebet Self Service Wagering System"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: support@securiteam.com To: list@securiteam.com Subject: [NEWS] 3Com Home Connect Cable Modem Vulnerable to Denial of Service Message-Id: <20010930224236.CE05E138C2@mail.der-keiler.de> Date: Mon, 1 Oct 2001 00:42:36 +0200 (CEST)
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
- - promotion
When was the last time you checked your server's security?
How about a monthly report?
http://www.AutomatedScanning.com - Know that you're safe.
- - - - - - - - -
3Com Home Connect Cable Modem Vulnerable to Denial of Service
------------------------------------------------------------------------
SUMMARY
Home Connect is and External cable modem manufactured by 3Com, and
distributed by numerous Cable providers.
A problem has been discovered in the cable modem firmware that could make
it possible for remote users to deny service to legitimate users of this
network hardware.
This hardware has port 80/TCP wide open for the entire network, letting
any user on the internet to access the homepage that it has in it by
default. The problem occurs when a user reaches this page, and making a
request of a file (Existing or not) of more than 100 Characters. This will
cause the modem to Reset in the best case.
DETAILS
Vulnerable systems:
3Com Home Connect Cable Modem External with USB (#3CR29223 --
DISCONTINUED)
Exploit:
Solution:
ADDITIONAL INFORMATION
The information has been provided by <mailto:aharasic@terra.cl> Alex S.
========================================
This bulletin is sent to members of the SecuriTeam mailing list.
====================
DISCLAIMER:
The following URL will trigger the DoS:
http://target-3com-cablemodem/
characters)
As a workaround for this issue, users can filter port 80 of the cable
modem. Alternatively, since this modem is discontinued (they no longer
make it) you should just call your ISP, tell them about the problem and
ask to replace the cable modem for a newer one.
Harasic.
To unsubscribe from the list, send mail with an empty subject line and body to: list-unsubscribe@securiteam.com
In order to subscribe to the mailing list, simply forward this email to: list-subscribe@securiteam.com
====================
The information in this bulletin is provided "AS IS" without warranty of any kind.
In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.
Relevant Pages
... If you didn't power cycle the modem, it is still looking for the MAC address that was
connected to it before, NOT the rtr MAC. ... Password may use alphanumetric characters
and underscores, and may be up to 8 characters long. ... They have the firmware for the router
on their page. ... Ambit cable modem --> Buffalo wireless router... ... (comp.sys.ibm.ps2.hardware)
... 3Com® HomeConnect® Cable Modem Denial of Service ... possible for remote
users to deny service to legitimate users of this ... file of more than 100 Characters.
... As a workaround for this issue, users can filter port 80 of the Cablemodem ...
(Bugtraq)
... Password may use alphanumetric characters and underscores, and may be up to 8 characters
long. ... Turn the cable modem back on. ... If you didn't power cycle the
modem, it is still looking for the MAC address that was connected to it before, NOT the rtr MAC.
... (alt.internet.wireless)
... The following security advisory is sent to the securiteam mailing list, and can be
found at the SecuriTeam web site: http://www.securiteam.com ... The name field allows for 257
characters to be copied to a 256 character ... The information in this bulletin
is provided "AS IS" without warranty of any kind. ... In no event shall we be liable for any damages
whatsoever including direct, indirect, incidental, consequential, loss of business profits or special
damages. ... (Securiteam)
