----------------------------------------------------------------------


Looking for a job?


Secunia is hiring skilled researchers and talented developers.


http://secunia.com/company/jobs/


----------------------------------------------------------------------

TITLE:
3Com H3C Products SSH Server Denial of Service Vulnerability

SECUNIA ADVISORY ID:
SA39785

VERIFY ADVISORY:
http://secunia.com/advisories/39785/

DESCRIPTION:
A vulnerability has been reported in 3Com H3C products, which can be
exploited by malicious people to cause a DoS (Denial of Service).

The vulnerability is caused due to an unspecified error and can be
exploited to cause an affected device to reboot by sending specially
crafted SSH packets to it.

Successful exploitation requires that the device is configured as SSH
server.

SOLUTION:
Update to the latest versions.

H3C S3100-52P:
Update to Comware 3.10 Release 1702P13.

3Com Switch 4500:
Update to version 3.03.02p09

3Com Switch 4200:
Update to version 3.2.4.

PROVIDED AND/OR DISCOVERED BY:
Reported by the vendor.

ORIGINAL ADVISORY:
3Com H3C (LSOD09619):
http://support.3com.com/documents/H3C/switches/3100/H3C_S3100-52P_CMW3.10.R1702P13_Release_Notes.pdf
http://support.3com.com/documents/switches/4500/Switch_4500_V3.03.02p09_Release_Notes.pdf

3Com H3C (LSOD09646)
http://support.3com.com/documents/switches/4200G/Switch_4200G_V3.02.04_Release_Notes.pdf

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help
private users keeping their systems up to date against the latest
vulnerabilities.

Subscribe:
http://secunia.com/advisories/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/


Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

----------------------------------------------------------------------

Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

----------------------------------------------------------------------