The 3Com Wireless 8760 Dual Radio 11a/b/g PoE Access Point is susceptible to a denial of service condition via the web management interface.
9849fcdf81060bc5e4eb148d4e44667e9e892e9da6e3c25d212c10f11dbd7eed
Title
---------
DDIVRT-2008-14 3Com Wireless 8760 Dual Radio 11a/b/g PoE Access Point
Malformed HTTP POST DoS
Severity
--------
Medium
Date Discovered
---------------
May 20, 2008
Discovered By
-------------
Digital Defense, Inc. Vulnerability Research Team
Credit: Brandon Shilling and r@b13$
Vulnerability Description
-------------------------
The 3Com Wireless 8760 Dual Radio 11a/b/g PoE Access Point is an
enterprise-grade wireless access point. The web management interface is
vulnerable to a DoS condition due to improper validation of malformed
HTTP POST requests. Successful exploitation will result in a complete
DoS of the device.
Solution Description
--------------------
3Com has not addressed this issue at this time. Digital Defense, Inc.
does not currently know of any work arounds for this flaw.
Tested Systems / Software (with versions)
------------------------------------------
Tested against 3Com Wireless 8760 Dual Radio 11a/b/g PoE Access Point,
firmware unknown.
Vendor Contact
--------------
Name: 3Com
Website: http://www.3com.com