Currently the SecurityFocus staff are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: firstname.lastname@example.org .
3COM HomeConnect Cable Modem contains a flaw that may allow a remote denial of service. The issue is triggered when sending a specially crafted HTTP request containing more than 100 characters, and will result in loss of availability for the modem.
Currently, there are no known upgrades or patches to correct this issue. It is possible to correct the flaw by implementing the following workaround: use the modem's firmware to set up a filter to block port 80/tcp traffic.
This vulnerability was reported to BugTraq by Alex S. Harasic <email@example.com>.
3Com HomeConnect Cable Modem External with USB
A problem in the firmware running the cable modem could allow a denial of service. It is possible to reboot the modem by connecting to the HTTP service and requesting a long string. This will cause the modem to reset itself.
This problem makes it possible for a remote user to deny service to legimate users of networks serviced by the modem.
This vulnerability is most likely related to BugTraq ID 2721.
It is possible that this behaviour is due to a buffer overflow condition. If this is the case, an the attacker is familiar with the firmware/hardware, it may be possible to force the execution of attacker-supplied instructions.
This vulnerability can be exploited using a web browser.
Currently the SecurityFocus staff are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: firstname.lastname@example.org <mailto:email@example.com>.