DOS: 3Com OfficeConnect HTTP Router Denial of Service

This signature detects attempts to exploit the firmware vulnerability in the 3COM OfficeConnect 812 and 840 DSL/ADSL routers. OCR812 versions 1.1.9 and earlier are susceptible. Attackers can remotely request long strings from the HTTP daemon, making the router reboot/power cycle and creating a denial of service (DoS).

Extended Description

OfficeConnect 812 is a DSL router manufactured by 3Com, and distributed by numerous DSL providers. OfficeConnect 812 is an integrated ADSL router with an onboard 4 port switch. A problem in the firmware included with this router could allow a Denial of Service. It is possible to reboot the router by connecting to the HTTP daemon, and requesting a long string. The router will power-cycle itself. This problem makes it possible for a remote user to deny service to legimate users of networks serviced by the router.

Affected Products

3com officeconnect_dsl_router_840

Short Name
DOS:NETDEV:NETWORK-3COM-DOS
Severity
Major
Recommended
False
Recommended Action
Drop
Category
DOS
Keywords
3Com CVE-2001-0740 Denial HTTP OfficeConnect Router Service bid:2721 of
Release Date
04/22/2003
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3375
False Positive
Unknown
Vendors

3com

CVSS Score

5.0

Found a potential security threat?