Re: Exploit for old 3com bug ("3Com OfficeConnect Remote 812 ADSL Router Authentication Bypass Vulnerability")

From: Stefano Zanero (s.zanero@securenetwork.it)
Date: Mon Aug 29 2005 - 18:14:59 EDT

• Next message: David McCaskill: "RE: Network discovery"
• Previous message: Jeffrey Denton: "Re: Where are Windows "Enforce password history" passwords stored?"
• In reply to: Roman Medina-Heigl Hernandez: "Exploit for old 3com bug ("3Com OfficeConnect Remote 812 ADSL Router Authentication Bypass Vulnerability")"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Roman Medina-Heigl Hernandez wrote:
> Hi,
>
> Does anybody have information about the exploitation of this old bug?
> http://www.idefense.com/application/poi/display?id=106&type=vulnerabilities

You just keep trying, and it sort of happens :)

BTW: that router has also other strange vulnerabilities I described in
past, such as the fact that "sometimes" packet filtering rules beyond
the tenth rule or so are not applied, and so on. Fixes have never been
released by 3Com AFAIK...

Regards,
Stefano Zanero
---------------------------
Secure Network S.r.l.
www.securenetwork.it

• Next message: David McCaskill: "RE: Network discovery"
• Previous message: Jeffrey Denton: "Re: Where are Windows "Enforce password history" passwords stored?"
• In reply to: Roman Medina-Heigl Hernandez: "Exploit for old 3com bug ("3Com OfficeConnect Remote 812 ADSL Router Authentication Bypass Vulnerability")"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:47 EDT