
CVSS: 7.5 | EPSS: 2% | CPEs: 10 | EXPL: 0

Unspecified vulnerability in TOS 2.1.x, 2.2.x before 2.2.5, and 2.5.x before 2.5.2 on TippingPoint IPS allows remote attackers to avoid detection by sending certain fragmented packets. • http://archives.neohapsis.com/archives/fulldisclosure/2007-07/0210.html http://osvdb.org/35969 http://secunia.com/advisories/26017 http://www.3com.com/securityalert/alerts/3COM-07-002.html http://www.cybsec.com/vuln/CYBSEC-Security_Pre-Advisory_3Com_TippingPoint_IPS_Detection_Bypass_2.pdf http://www.securityfocus.com/archive/1/473394/100/0/threaded http://www.securityfocus.com/bid/24861 http://www.securitytracker.com/id?1018386 http://www.vupen.com/english/advisories/2007/2489 htt • CWE-20: Improper Input Validation •

CVSS: 5.0 | EPSS: 2% | CPEs: 1 | EXPL: 0

The 3Com IntelliJack Switch NJ220 before 2.0.23 allows remote attackers to cause a denial of service (reboot and reporting outage) via a loopback packet with zero in the length field. • http://osvdb.org/37791 http://secunia.com/advisories/25883 http://support.3com.com/infodeli/tools/nj/nj220_02_00_23_readme.pdf http://www.securityfocus.com/bid/24705 http://www.vupen.com/english/advisories/2007/2386 https://exchange.xforce.ibmcloud.com/vulnerabilities/35172 •

CVSS: 4.3 | EPSS: 0% | CPEs: 1 | EXPL: 2

Cross-site scripting (XSS) vulnerability in cgi-bin/admin in 3Com OfficeConnect Secure Router with firmware 1.04-168 allows remote attackers to inject arbitrary web script or HTML via the tk parameter. • https://www.exploit-db.com/exploits/30164 http://osvdb.org/36888 http://secunia.com/advisories/21255 http://secunia.com/secunia_research/2006-60/advisory http://www.securityfocus.com/bid/24374 http://www.vupen.com/english/advisories/2007/2103 https://exchange.xforce.ibmcloud.com/vulnerabilities/34776 •

CVSS: 7.5 | EPSS: 2% | CPEs: 8 | EXPL: 0

The 3Com TippingPoint IPS does not properly handle certain full-width and half-width Unicode character encodings in an HTTP POST request, which might allow remote attackers to evade detection of HTTP traffic. • http://osvdb.org/35968 http://secunia.com/advisories/25302 http://securityreason.com/securityalert/2712 http://www.3com.com/securityalert/alerts/3COM-07-001.html http://www.gamasec.net/english/gs07-01.html http://www.kb.cert.org/vuls/id/739224 http://www.securityfocus.com/archive/1/468633/100/0/threaded http://www.vupen.com/english/advisories/2007/1817 •

CVSS: 7.8 | EPSS: 1% | CPEs: 1 | EXPL: 0

** DISPUTED ** 3Com TippingPoint IPS allows remote attackers to cause a denial of service (device hang) via a flood of packets on TCP port 80 with sequentially increasing source ports, related to a "badly written loop." NOTE: the vendor disputes this issue, stating that the product has "performed as expected with no DoS emerging." • http://osvdb.org/35724 http://www.securityfocus.com/archive/1/466784/100/0/threaded http://www.securityfocus.com/archive/1/466795/100/0/threaded http://www.securityfocus.com/archive/1/466891/100/0/threaded http://www.securityfocus.com/bid/23644 • CWE-399: Resource Management Errors •