ID
VAR-201004-0520
TITLE
3Com H3C S9500E / S12500 Switch Denial of Service Vulnerability
Trust: 0.6
DESCRIPTION
The 3Com H3C S9500E and S12500 are next-generation core switches. When processing URLs, there are unspecified errors in the WEB entry validation provided by the 3Com H3C S9500E and S12500, and remote attackers can exploit the vulnerability to restart the device. WEB entry validation is not enabled by default. ---------------------------------------------------------------------- Secunia CSI + Microsoft SCCM ----------------------- = Extensive Patch Management http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ ---------------------------------------------------------------------- TITLE: 3Com H3C S9500E / S12500 Switches Denial of Service SECUNIA ADVISORY ID: SA39513 VERIFY ADVISORY: http://secunia.com/advisories/39513/ DESCRIPTION: A vulnerability has been reported in 3Com H3C S9500E and S12500 switches, which can be exploited by malicious people to cause a DoS (Denial of Service). SOLUTION: Update to the latest version. H3C S9500E: Update to Comware 5.20 Release 1230P01. H3C S12500: Update to Comware 5.20 Release 1230P01. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: 3Com: http://support.3com.com/documents/H3C/switches/9500/H3C_S9500E_CMW5.20.R1230P01_Release_Notes.pdf http://support.3com.com/documents/H3C/switches/12500/H3C_S12500_CMW5.20.R1230P01_Release_Notes.pdf ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------
Trust: 0.63
IOT TAXONOMY
| category: | ['Network device'] | sub_category: | - | Trust: 0.6 |
AFFECTED PRODUCTS
| vendor: | 3com | model: | h3c s9500e core routing switch | scope: | - | version: | - | Trust: 0.6 |
| vendor: | 3com | model: | h3c s12500 series switches | scope: | - | version: | - | Trust: 0.6 |
PATCH
| title: | 3Com H3C S9500E / S12500 Switch Denial of Service Patch | url: | https://www.cnvd.org.cn/patchinfo/show/311 | Trust: 0.6 |
EXTERNAL IDS
| db: | SECUNIA | id: | 39513 | Trust: 0.7 |
| db: | CNVD | id: | CNVD-2010-0653 | Trust: 0.6 |
| db: | PACKETSTORM | id: | 88686 | Trust: 0.1 |
REFERENCES
| url: | http://secunia.com/advisories/39513/ | Trust: 0.7 |
| url: | http://secunia.com/advisories/about_secunia_advisories/ | Trust: 0.1 |
| url: | http://secunia.com/advisories/secunia_security_advisories/ | Trust: 0.1 |
| url: | http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ | Trust: 0.1 |
| url: | http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org | Trust: 0.1 |
| url: | http://support.3com.com/documents/h3c/switches/9500/h3c_s9500e_cmw5.20.r1230p01_release_notes.pdf | Trust: 0.1 |
| url: | http://support.3com.com/documents/h3c/switches/12500/h3c_s12500_cmw5.20.r1230p01_release_notes.pdf | Trust: 0.1 |
CREDITS
Secunia
Trust: 0.1
SOURCES
| db: | CNVD | id: | CNVD-2010-0653 |
| db: | PACKETSTORM | id: | 88686 |
LAST UPDATE DATE
2022-05-17T02:06:08.376000+00:00
SOURCES UPDATE DATE
| db: | CNVD | id: | CNVD-2010-0653 | date: | 2010-04-20T00:00:00 |
SOURCES RELEASE DATE
| db: | CNVD | id: | CNVD-2010-0653 | date: | 2010-04-20T00:00:00 |
| db: | PACKETSTORM | id: | 88686 | date: | 2010-04-20T06:39:58 |