VULHUB ™

A vulnerability exists in certain models of 3Com hubs and potentially other 3Com network products. The affected devices fail to properly restrict the allowed number of login attempts to the inbuilt telnet-based administration interface from remote users. Attackers can use brute-force cracking techniques in obtaining access to 3Com telnetd config accounts. Exploiting this, a malicious user can interfere with the device's operation and configuration, creating denials of service and further compromising the network on which the device is installed.

A vulnerability exists in certain models of 3Com hubs and potentially other 3Com network products. The affected devices fail to properly restrict the allowed number of login attempts to the inbuilt telnet-based administration interface from remote users. Attackers can use brute-force cracking techniques in obtaining access to 3Com telnetd config accounts. Exploiting this, a malicious user can interfere with the device's operation and configuration, creating denials of service and further compromising the network on which the device is installed.