NotCVE - vendor:"3com"

Page 2 of 41 results (0.014 seconds)

CVSS: 7.5EPSS: 10%CPEs: 23EXPL: 3

CVE-2007-3701 – TippingPoint IPS - Unicode Character Detection Bypass

https://notcve.org/view.php?id=CVE-2007-3701

TippingPoint IPS before 20070710 does not properly handle a hex-encoded alternate Unicode '/' (slash) character, which might allow remote attackers to send certain network traffic and avoid detection, as demonstrated by a cmd.exe attack. TippingPoint IPS versiones anteriores a 20070710 no maneja apropiadamente el alternativo codificado en hexadecimal de un caracter '/' (barra), lo cual podría permitir a atacantes remotos enviar determinado tráfico de red y evitar la detección, como se demuestra con un ataque de cmd.exe. • https://www.exploit-db.com/exploits/30287 http://lists.grok.org.uk/pipermail/full-disclosure/2007-July/064550.html http://osvdb.org/35970 http://secunia.com/advisories/26013 http://security-assessment.com/files/advisories/2007-07-11_Tippingpoint_IPS_Signature_Evasion.pdf http://www.3com.com/securityalert/alerts/3COM-07-003.html http://www.securityfocus.com/archive/1/473311/100/0/threaded http://www.securityfocus.com/bid/24855 http://www.securitytracker.com/id?1018361 http:/&#x • CWE-20: Improper Input Validation •

CVSS: 5.0EPSS: 2%CPEs: 1EXPL: 0

CVE-2007-3533

https://notcve.org/view.php?id=CVE-2007-3533

The 3Com IntelliJack Switch NJ220 before 2.0.23 allows remote attackers to cause a denial of service (reboot and reporting outage) via a loopback packet with zero in the length field. El conmutador 3Com IntelliJack Switch NJ220 anterior a 2.0.23 permite a atacantes remotos provocar una denegación de servicio (reinicio e imposibilidad de acceder a informes) mediante un paquete de interfaz local (loopback packet) con cero en el campo length(longitud). • http://osvdb.org/37791 http://secunia.com/advisories/25883 http://support.3com.com/infodeli/tools/nj/nj220_02_00_23_readme.pdf http://www.securityfocus.com/bid/24705 http://www.vupen.com/english/advisories/2007/2386 https://exchange.xforce.ibmcloud.com/vulnerabilities/35172 •

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 2

CVE-2006-3974 – 3Com OfficeConnect Secure Router 1.04-168 - 'Tk' Cross-Site Scripting

https://notcve.org/view.php?id=CVE-2006-3974

Cross-site scripting (XSS) vulnerability in cgi-bin/admin in 3Com OfficeConnect Secure Router with firmware 1.04-168 allows remote attackers to inject arbitrary web script or HTML via the tk parameter. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en cgi-bin/admin en 3Com OfficeConnect Secure Router con firmware 1.04-168 permite a atacantes remotos inyectar secuencias de comandos web o HTML a través del parámetro tk. • https://www.exploit-db.com/exploits/30164 http://osvdb.org/36888 http://secunia.com/advisories/21255 http://secunia.com/secunia_research/2006-60/advisory http://www.securityfocus.com/bid/24374 http://www.vupen.com/english/advisories/2007/2103 https://exchange.xforce.ibmcloud.com/vulnerabilities/34776 •

CVSS: 7.5EPSS: 2%CPEs: 8EXPL: 0

CVE-2007-2734

https://notcve.org/view.php?id=CVE-2007-2734

The 3Com TippingPoint IPS do not properly handle certain full-width and half-width Unicode character encodings in an HTTP POST request, which might allow remote attackers to evade detection of HTTP traffic. 3Com TippingPoint IPS no maneja adecuadamente ciertas codificaciones de caracteres Unicode de ancho total (full-width) o mitad de ancho (half-width) en una petición HTTP POST, lo cual podría permitir a atacantes remotos evadir la detección de tráfico HTTP. • http://osvdb.org/35968 http://secunia.com/advisories/25302 http://securityreason.com/securityalert/2712 http://www.3com.com/securityalert/alerts/3COM-07-001.html http://www.gamasec.net/english/gs07-01.html http://www.kb.cert.org/vuls/id/739224 http://www.securityfocus.com/archive/1/468633/100/0/threaded http://www.vupen.com/english/advisories/2007/1817 •

CVSS: 7.8EPSS: 1%CPEs: 1EXPL: 0

CVE-2007-2276

https://notcve.org/view.php?id=CVE-2007-2276

3Com TippingPoint IPS allows remote attackers to cause a denial of service (device hang) via a flood of packets on TCP port 80 with sequentially increasing source ports, related to a "badly written loop." NOTE: the vendor disputes this issue, stating that the product has "performed as expected with no DoS emerging. ** DISPUTADA ** 3Com TippingPoint IPS permite a atacantes remotos causar una denegación de servicio (cuelgue de dispositivo) a través de una inundación de paquetes en el puerto TCP 80 con un incremento secuencial de puertos origen, relacionado con un 'bucle mal escrito'. NOTA: el vendedor impugna este problema, basándose en que el producto ha 'funcionado según lo esperado sin emerger DoS'. • http://osvdb.org/35724 http://www.securityfocus.com/archive/1/466784/100/0/threaded http://www.securityfocus.com/archive/1/466795/100/0/threaded http://www.securityfocus.com/archive/1/466891/100/0/threaded http://www.securityfocus.com/bid/23644 • CWE-399: Resource Management Errors •

1 2 3 4 5