Date: Fri, 25 Dec 1998 16:01:36 +0100
From: Olaf Selke <Olaf.Selke@MEDIAWAYS.NET>
Reply-To: Bugtraq List <BUGTRAQ@netspace.org>
To: BUGTRAQ@netspace.org
Subject: 3Com HiPer ARC vulnerable to nestea attack

We found 3Com's HiPer ARCs running system version 4.1.11
being vulnerable to the nestea DoS attack. The cards simply
crash and reboot.


The multi DoS tool targa v1.1
http://www.rootshell.com/archive-j457nxiqi3gq59dv/199806/targa.c.html
started with the nestea option can be used for demonstration.


*sigh* As already mentioned on Bugtraq in the past, 3Com/USR's IP
stacks are not very resistant against this specific kind of DoS attack:

NetServer card: http://geek-girl.com/bugtraq/1998_4/0198.html
PalmPilot:      http://geek-girl.com/bugtraq/1998_2/0138.html


>From my experiences 3Com has fixed this bug in the recent Total Control
NetServer card code base. Apparently it was re-introduced by the HiPer ARC.

Olaf
--
Olaf Selke, olaf.selke@mediaways.net, voice +49 5241 80-7069