3 results (0.003 seconds)

CVSS: 7.5EPSS: 3%CPEs: 10EXPL: 0

Unspecified vulnerability in TOS 2.1.x, 2.2.x before 2.2.5, and 2.5.x before 2.5.2 on TippingPoint IPS allows remote attackers to avoid detection by sending certain fragmented packets. Vulnerabilidad no especificada en TOS 2.1.x, 2.2.x versiones anteriores a 2.2.5, y 2.5.x versiones anteriores a 2.5.2 en TippingPoint IPS permite a atacantes remotos evitar detección al enviar determinados fragmentos de paquetes. • http://archives.neohapsis.com/archives/fulldisclosure/2007-07/0210.html http://osvdb.org/35969 http://secunia.com/advisories/26017 http://www.3com.com/securityalert/alerts/3COM-07-002.html http://www.cybsec.com/vuln/CYBSEC-Security_Pre-Advisory_3Com_TippingPoint_IPS_Detection_Bypass_2.pdf http://www.securityfocus.com/archive/1/473394/100/0/threaded http://www.securityfocus.com/bid/24861 http://www.securitytracker.com/id?1018386 http://www.vupen.com/english/advisories/2007/2489 htt • CWE-20: Improper Input Validation •

CVSS: 7.5EPSS: 10%CPEs: 23EXPL: 3

TippingPoint IPS before 20070710 does not properly handle a hex-encoded alternate Unicode '/' (slash) character, which might allow remote attackers to send certain network traffic and avoid detection, as demonstrated by a cmd.exe attack. TippingPoint IPS versiones anteriores a 20070710 no maneja apropiadamente el alternativo codificado en hexadecimal de un caracter '/' (barra), lo cual podría permitir a atacantes remotos enviar determinado tráfico de red y evitar la detección, como se demuestra con un ataque de cmd.exe. • https://www.exploit-db.com/exploits/30287 http://lists.grok.org.uk/pipermail/full-disclosure/2007-July/064550.html http://osvdb.org/35970 http://secunia.com/advisories/26013 http://security-assessment.com/files/advisories/2007-07-11_Tippingpoint_IPS_Signature_Evasion.pdf http://www.3com.com/securityalert/alerts/3COM-07-003.html http://www.securityfocus.com/archive/1/473311/100/0/threaded http://www.securityfocus.com/bid/24855 http://www.securitytracker.com/id?1018361 http:/&#x • CWE-20: Improper Input Validation •

CVSS: 5.0EPSS: 7%CPEs: 1EXPL: 0

TippingPoint IPS running the TippingPoint Operating System (TOS) before 2.2.4.6519 allows remote attackers to "force the device into layer 2 fallback (L2FB)", causing a denial of service (page fault), via a malformed packet. TippingPoint IPS bajo TippingPoint Operating System (TOS) anterior a 2.2.4.6519 permite a atacantes remotos "forzar al dispositivo dentro de (L2FB) " (layer 2 fallback), provocando una denegación de servicio (fallo de pagina), a través de paquetes malformados. • http://secunia.com/advisories/21154 http://securityreason.com/securityalert/1286 http://securitytracker.com/id?1016562 http://www.3com.com/securityalert/alerts/3COM-06-003.html http://www.securityfocus.com/archive/1/440944/100/0/threaded http://www.securityfocus.com/bid/19125 http://www.vupen.com/english/advisories/2006/2956 https://exchange.xforce.ibmcloud.com/vulnerabilities/27934 • CWE-254: 7PK - Security Features •