cvelistv5 - cve-2007-3711

CVE-2007-3711 (GCVE-0-2007-3711)

Vulnerability from cvelistv5 – Published: 2007-07-11 23:00 – Updated: 2024-08-07 14:28

Summary

Unspecified vulnerability in TOS 2.1.x, 2.2.x before 2.2.5, and 2.5.x before 2.5.2 on TippingPoint IPS allows remote attackers to avoid detection by sending certain fragmented packets.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	http://www.cybsec.com/vuln/CYBSEC-Security_Pre-Ad…	x_refsource_MISC
	http://www.securityfocus.com/bid/24861	vdb-entryx_refsource_BID
	http://www.vupen.com/english/advisories/2007/2489	vdb-entryx_refsource_VUPEN
	http://secunia.com/advisories/26017	third-party-advisoryx_refsource_SECUNIA
	http://www.3com.com/securityalert/alerts/3COM-07-…	x_refsource_CONFIRM
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://www.securitytracker.com/id?1018386	vdb-entryx_refsource_SECTRACK
	http://archives.neohapsis.com/archives/fulldisclo…	mailing-listx_refsource_FULLDISC
	http://osvdb.org/35969	vdb-entryx_refsource_OSVDB
	http://www.securityfocus.com/archive/1/473394/100…	mailing-listx_refsource_BUGTRAQ

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T14:28:52.099Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.cybsec.com/vuln/CYBSEC-Security_Pre-Advisory_3Com_TippingPoint_IPS_Detection_Bypass_2.pdf"
          },
          {
            "name": "24861",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/24861"
          },
          {
            "name": "ADV-2007-2489",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/2489"
          },
          {
            "name": "26017",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/26017"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.3com.com/securityalert/alerts/3COM-07-002.html"
          },
          {
            "name": "tippingpoint-fragmented-security-bypass(35343)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35343"
          },
          {
            "name": "1018386",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1018386"
          },
          {
            "name": "20070611 TippingPoint detection bypass",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/fulldisclosure/2007-07/0210.html"
          },
          {
            "name": "35969",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/35969"
          },
          {
            "name": "20070711 TippingPoint detection bypass",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/473394/100/0/threaded"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-07-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in TOS 2.1.x, 2.2.x before 2.2.5, and 2.5.x before 2.5.2 on TippingPoint IPS allows remote attackers to avoid detection by sending certain fragmented packets."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-15T20:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.cybsec.com/vuln/CYBSEC-Security_Pre-Advisory_3Com_TippingPoint_IPS_Detection_Bypass_2.pdf"
        },
        {
          "name": "24861",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/24861"
        },
        {
          "name": "ADV-2007-2489",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/2489"
        },
        {
          "name": "26017",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/26017"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.3com.com/securityalert/alerts/3COM-07-002.html"
        },
        {
          "name": "tippingpoint-fragmented-security-bypass(35343)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35343"
        },
        {
          "name": "1018386",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1018386"
        },
        {
          "name": "20070611 TippingPoint detection bypass",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://archives.neohapsis.com/archives/fulldisclosure/2007-07/0210.html"
        },
        {
          "name": "35969",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/35969"
        },
        {
          "name": "20070711 TippingPoint detection bypass",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/473394/100/0/threaded"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-3711",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in TOS 2.1.x, 2.2.x before 2.2.5, and 2.5.x before 2.5.2 on TippingPoint IPS allows remote attackers to avoid detection by sending certain fragmented packets."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.cybsec.com/vuln/CYBSEC-Security_Pre-Advisory_3Com_TippingPoint_IPS_Detection_Bypass_2.pdf",
              "refsource": "MISC",
              "url": "http://www.cybsec.com/vuln/CYBSEC-Security_Pre-Advisory_3Com_TippingPoint_IPS_Detection_Bypass_2.pdf"
            },
            {
              "name": "24861",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/24861"
            },
            {
              "name": "ADV-2007-2489",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/2489"
            },
            {
              "name": "26017",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/26017"
            },
            {
              "name": "http://www.3com.com/securityalert/alerts/3COM-07-002.html",
              "refsource": "CONFIRM",
              "url": "http://www.3com.com/securityalert/alerts/3COM-07-002.html"
            },
            {
              "name": "tippingpoint-fragmented-security-bypass(35343)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35343"
            },
            {
              "name": "1018386",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1018386"
            },
            {
              "name": "20070611 TippingPoint detection bypass",
              "refsource": "FULLDISC",
              "url": "http://archives.neohapsis.com/archives/fulldisclosure/2007-07/0210.html"
            },
            {
              "name": "35969",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/35969"
            },
            {
              "name": "20070711 TippingPoint detection bypass",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/473394/100/0/threaded"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-3711",
    "datePublished": "2007-07-11T23:00:00",
    "dateReserved": "2007-07-11T00:00:00",
    "dateUpdated": "2024-08-07T14:28:52.099Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:3com:tippingpoint_ips_tos:2.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"53E6DE7F-8507-4C37-A935-554D9F875C69\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:3com:tippingpoint_ips_tos:2.1.4.6324:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6654346B-3574-48D1-9A0B-2750D6FF4D96\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:3com:tippingpoint_ips_tos:2.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"78E1B6D6-F779-451E-B4A9-E04D153F7F0C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:3com:tippingpoint_ips_tos:2.2.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1BCF4262-3F3F-44D7-BE61-1FDCF885C95F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:3com:tippingpoint_ips_tos:2.2.1.6506:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"276F1810-A4E9-4621-A81A-19EED8146E60\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:3com:tippingpoint_ips_tos:2.2.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"272C0A76-2981-42EC-8D85-D33293BE96FD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:3com:tippingpoint_ips_tos:2.2.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0F789A9E-34D3-4C17-AAD3-9DA6B940FA45\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:3com:tippingpoint_ips_tos:2.2.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"87DD0AC2-05E3-4BE7-8EB6-60FA011AA742\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:3com:tippingpoint_ips_tos:2.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5B929C12-052F-4A42-B155-7A51152B902A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:3com:tippingpoint_ips_tos:2.5.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2F34B833-674E-4373-A9E1-62EA0A5F690E\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Unspecified vulnerability in TOS 2.1.x, 2.2.x before 2.2.5, and 2.5.x before 2.5.2 on TippingPoint IPS allows remote attackers to avoid detection by sending certain fragmented packets.\"}, {\"lang\": \"es\", \"value\": \"Vulnerabilidad no especificada en TOS 2.1.x, 2.2.x versiones anteriores a 2.2.5, y 2.5.x versiones anteriores a 2.5.2 en TippingPoint IPS permite a atacantes remotos evitar detecci\\u00f3n al enviar determinados fragmentos de paquetes.\"}]",
      "id": "CVE-2007-3711",
      "lastModified": "2024-11-21T00:33:53.073",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:P/I:P/A:P\", \"baseScore\": 7.5, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": true, \"userInteractionRequired\": false}]}",
      "published": "2007-07-11T23:30:00.000",
      "references": "[{\"url\": \"http://archives.neohapsis.com/archives/fulldisclosure/2007-07/0210.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://osvdb.org/35969\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://secunia.com/advisories/26017\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.3com.com/securityalert/alerts/3COM-07-002.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.cybsec.com/vuln/CYBSEC-Security_Pre-Advisory_3Com_TippingPoint_IPS_Detection_Bypass_2.pdf\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/archive/1/473394/100/0/threaded\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/bid/24861\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securitytracker.com/id?1018386\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.vupen.com/english/advisories/2007/2489\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/35343\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://archives.neohapsis.com/archives/fulldisclosure/2007-07/0210.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://osvdb.org/35969\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/26017\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.3com.com/securityalert/alerts/3COM-07-002.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.cybsec.com/vuln/CYBSEC-Security_Pre-Advisory_3Com_TippingPoint_IPS_Detection_Bypass_2.pdf\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/archive/1/473394/100/0/threaded\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/24861\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securitytracker.com/id?1018386\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.vupen.com/english/advisories/2007/2489\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/35343\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-20\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2007-3711\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2007-07-11T23:30:00.000\",\"lastModified\":\"2025-04-09T00:30:58.490\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Unspecified vulnerability in TOS 2.1.x, 2.2.x before 2.2.5, and 2.5.x before 2.5.2 on TippingPoint IPS allows remote attackers to avoid detection by sending certain fragmented packets.\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad no especificada en TOS 2.1.x, 2.2.x versiones anteriores a 2.2.5, y 2.5.x versiones anteriores a 2.5.2 en TippingPoint IPS permite a atacantes remotos evitar detecci\u00f3n al enviar determinados fragmentos de paquetes.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":true,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:3com:tippingpoint_ips_tos:2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"53E6DE7F-8507-4C37-A935-554D9F875C69\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:3com:tippingpoint_ips_tos:2.1.4.6324:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6654346B-3574-48D1-9A0B-2750D6FF4D96\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:3com:tippingpoint_ips_tos:2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"78E1B6D6-F779-451E-B4A9-E04D153F7F0C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:3com:tippingpoint_ips_tos:2.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1BCF4262-3F3F-44D7-BE61-1FDCF885C95F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:3com:tippingpoint_ips_tos:2.2.1.6506:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"276F1810-A4E9-4621-A81A-19EED8146E60\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:3com:tippingpoint_ips_tos:2.2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"272C0A76-2981-42EC-8D85-D33293BE96FD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:3com:tippingpoint_ips_tos:2.2.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0F789A9E-34D3-4C17-AAD3-9DA6B940FA45\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:3com:tippingpoint_ips_tos:2.2.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"87DD0AC2-05E3-4BE7-8EB6-60FA011AA742\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:3com:tippingpoint_ips_tos:2.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5B929C12-052F-4A42-B155-7A51152B902A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:3com:tippingpoint_ips_tos:2.5.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F34B833-674E-4373-A9E1-62EA0A5F690E\"}]}]}],\"references\":[{\"url\":\"http://archives.neohapsis.com/archives/fulldisclosure/2007-07/0210.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://osvdb.org/35969\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/26017\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.3com.com/securityalert/alerts/3COM-07-002.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.cybsec.com/vuln/CYBSEC-Security_Pre-Advisory_3Com_TippingPoint_IPS_Detection_Bypass_2.pdf\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/archive/1/473394/100/0/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/24861\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securitytracker.com/id?1018386\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2007/2489\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/35343\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://archives.neohapsis.com/archives/fulldisclosure/2007-07/0210.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://osvdb.org/35969\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/26017\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.3com.com/securityalert/alerts/3COM-07-002.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.cybsec.com/vuln/CYBSEC-Security_Pre-Advisory_3Com_TippingPoint_IPS_Detection_Bypass_2.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/473394/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/24861\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id?1018386\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2007/2489\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/35343\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

CERTA-2007-AVI-298

Vulnerability from certfr_avis - Published: - Updated:

Une vulnérabilité a été identifiée dans le système d'exploitation TOS intégré aux solutions de sécurité 3Com TippingPoint IPS. Un fragmentation de paquets particulière permettrait de contourner la politique de détection mise en place.

Description

Une vulnérabilité a été identifiée dans le système d'exploitation TOS intégré aux solutions de sécurité 3Com TippingPoint IPS. Le service de détection ne fonctionnerait pas correctement sous certaines conditions de fragmentation des trames réseau (IP). L'exploitation de cette vulnérabilité permet ainsi à une personne malveillante distante de contourner les politiques de filtrage et de détection mises en place.

Solution

Se référer à l'alerte de sécurité l'éditeur 3Com pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
N/A	N/A	les produits 3Com TippingPoint IPS ayant une version TOS 2.1.x ;
N/A	N/A	les produits 3Com TippingPoint IPS ayant une version TOS 2.2.x antérieure à 2.2.5 ;
N/A	N/A	les produits 3Com TippingPoint IPS ayant une version TOS 2.5.x antérieure à 2.5.2.

References

Title

Publication Time

Tags

Alerte de sécurité 3COM-07-002 du 10 juillet 2007	None	vendor-advisory
Alerte 3Com 3COM-07-002 du 10 juillet 2007, « TippinPoint IPS Filter Bypass Vulnerability » :	-	other
Avis de sécurité Cybsec du 04 juillet 2007 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "les produits 3Com TippingPoint IPS ayant une version TOS 2.1.x ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "les produits 3Com TippingPoint IPS ayant une version TOS 2.2.x ant\u00e9rieure \u00e0 2.2.5 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "les produits 3Com TippingPoint IPS ayant une version TOS 2.5.x ant\u00e9rieure \u00e0 2.5.2.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nUne vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 identifi\u00e9e dans le syst\u00e8me d\u0027exploitation TOS\nint\u00e9gr\u00e9 aux solutions de s\u00e9curit\u00e9 3Com TippingPoint IPS. Le service de\nd\u00e9tection ne fonctionnerait pas correctement sous certaines conditions\nde fragmentation des trames r\u00e9seau (IP). L\u0027exploitation de cette\nvuln\u00e9rabilit\u00e9 permet ainsi \u00e0 une personne malveillante distante de\ncontourner les politiques de filtrage et de d\u00e9tection mises en place.\n\n## Solution\n\nSe r\u00e9f\u00e9rer \u00e0 l\u0027alerte de s\u00e9curit\u00e9 l\u0027\u00e9diteur 3Com pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2007-3711",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-3711"
    }
  ],
  "links": [
    {
      "title": "Alerte 3Com 3COM-07-002 du 10 juillet 2007, \u00ab TippinPoint    IPS Filter Bypass Vulnerability \u00bb :",
      "url": "http://www.3com.com/securityalert/alerts/3COM-07-002.html"
    },
    {
      "title": "Avis de s\u00e9curit\u00e9 Cybsec du 04 juillet 2007 :",
      "url": "http://www.cybsec.com/vuln/CYBSEC-Security_Pre-Advisory_3Com_TippingPoint_IPS_Detection_Bypass_2.pdf"
    }
  ],
  "reference": "CERTA-2007-AVI-298",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2007-07-11T00:00:00.000000"
    },
    {
      "description": "ajout de la r\u00e9f\u00e9rence CVE associ\u00e9e.",
      "revision_date": "2007-07-12T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 identifi\u00e9e dans le syst\u00e8me d\u0027exploitation TOS\nint\u00e9gr\u00e9 aux solutions de s\u00e9curit\u00e9 3Com TippingPoint IPS. Un\nfragmentation de paquets particuli\u00e8re permettrait de contourner la\npolitique de d\u00e9tection mise en place.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans 3Com TippingPoint IPS",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Alerte de s\u00e9curit\u00e9 3COM-07-002 du 10 juillet 2007",
      "url": null
    }
  ]
}

CERTA-2007-AVI-298

Vulnerability from certfr_avis - Published: - Updated:

Description

Solution

Se référer à l'alerte de sécurité l'éditeur 3Com pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
N/A	N/A	les produits 3Com TippingPoint IPS ayant une version TOS 2.1.x ;
N/A	N/A	les produits 3Com TippingPoint IPS ayant une version TOS 2.2.x antérieure à 2.2.5 ;
N/A	N/A	les produits 3Com TippingPoint IPS ayant une version TOS 2.5.x antérieure à 2.5.2.

References

Title

Publication Time

Tags

Alerte de sécurité 3COM-07-002 du 10 juillet 2007	None	vendor-advisory
Alerte 3Com 3COM-07-002 du 10 juillet 2007, « TippinPoint IPS Filter Bypass Vulnerability » :	-	other
Avis de sécurité Cybsec du 04 juillet 2007 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "les produits 3Com TippingPoint IPS ayant une version TOS 2.1.x ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "les produits 3Com TippingPoint IPS ayant une version TOS 2.2.x ant\u00e9rieure \u00e0 2.2.5 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "les produits 3Com TippingPoint IPS ayant une version TOS 2.5.x ant\u00e9rieure \u00e0 2.5.2.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nUne vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 identifi\u00e9e dans le syst\u00e8me d\u0027exploitation TOS\nint\u00e9gr\u00e9 aux solutions de s\u00e9curit\u00e9 3Com TippingPoint IPS. Le service de\nd\u00e9tection ne fonctionnerait pas correctement sous certaines conditions\nde fragmentation des trames r\u00e9seau (IP). L\u0027exploitation de cette\nvuln\u00e9rabilit\u00e9 permet ainsi \u00e0 une personne malveillante distante de\ncontourner les politiques de filtrage et de d\u00e9tection mises en place.\n\n## Solution\n\nSe r\u00e9f\u00e9rer \u00e0 l\u0027alerte de s\u00e9curit\u00e9 l\u0027\u00e9diteur 3Com pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2007-3711",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-3711"
    }
  ],
  "links": [
    {
      "title": "Alerte 3Com 3COM-07-002 du 10 juillet 2007, \u00ab TippinPoint    IPS Filter Bypass Vulnerability \u00bb :",
      "url": "http://www.3com.com/securityalert/alerts/3COM-07-002.html"
    },
    {
      "title": "Avis de s\u00e9curit\u00e9 Cybsec du 04 juillet 2007 :",
      "url": "http://www.cybsec.com/vuln/CYBSEC-Security_Pre-Advisory_3Com_TippingPoint_IPS_Detection_Bypass_2.pdf"
    }
  ],
  "reference": "CERTA-2007-AVI-298",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2007-07-11T00:00:00.000000"
    },
    {
      "description": "ajout de la r\u00e9f\u00e9rence CVE associ\u00e9e.",
      "revision_date": "2007-07-12T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 identifi\u00e9e dans le syst\u00e8me d\u0027exploitation TOS\nint\u00e9gr\u00e9 aux solutions de s\u00e9curit\u00e9 3Com TippingPoint IPS. Un\nfragmentation de paquets particuli\u00e8re permettrait de contourner la\npolitique de d\u00e9tection mise en place.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans 3Com TippingPoint IPS",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Alerte de s\u00e9curit\u00e9 3COM-07-002 du 10 juillet 2007",
      "url": null
    }
  ]
}

GHSA-8W88-PHHF-CPCQ

Vulnerability from github – Published: 2022-05-01 18:16 – Updated: 2022-05-01 18:16

Details

Unspecified vulnerability in TOS 2.1.x, 2.2.x before 2.2.5, and 2.5.x before 2.5.2 on TippingPoint IPS allows remote attackers to avoid detection by sending certain fragmented packets.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2007-3711"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-20"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2007-07-11T23:30:00Z",
    "severity": "HIGH"
  },
  "details": "Unspecified vulnerability in TOS 2.1.x, 2.2.x before 2.2.5, and 2.5.x before 2.5.2 on TippingPoint IPS allows remote attackers to avoid detection by sending certain fragmented packets.",
  "id": "GHSA-8w88-phhf-cpcq",
  "modified": "2022-05-01T18:16:28Z",
  "published": "2022-05-01T18:16:28Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2007-3711"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35343"
    },
    {
      "type": "WEB",
      "url": "http://archives.neohapsis.com/archives/fulldisclosure/2007-07/0210.html"
    },
    {
      "type": "WEB",
      "url": "http://osvdb.org/35969"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/26017"
    },
    {
      "type": "WEB",
      "url": "http://www.3com.com/securityalert/alerts/3COM-07-002.html"
    },
    {
      "type": "WEB",
      "url": "http://www.cybsec.com/vuln/CYBSEC-Security_Pre-Advisory_3Com_TippingPoint_IPS_Detection_Bypass_2.pdf"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/473394/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/24861"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1018386"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2007/2489"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GSD-2007-3711

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

Unspecified vulnerability in TOS 2.1.x, 2.2.x before 2.2.5, and 2.5.x before 2.5.2 on TippingPoint IPS allows remote attackers to avoid detection by sending certain fragmented packets.

Aliases

CVE-2007-3711

Aliases

CVE-2007-3711

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2007-3711",
    "description": "Unspecified vulnerability in TOS 2.1.x, 2.2.x before 2.2.5, and 2.5.x before 2.5.2 on TippingPoint IPS allows remote attackers to avoid detection by sending certain fragmented packets.",
    "id": "GSD-2007-3711"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2007-3711"
      ],
      "details": "Unspecified vulnerability in TOS 2.1.x, 2.2.x before 2.2.5, and 2.5.x before 2.5.2 on TippingPoint IPS allows remote attackers to avoid detection by sending certain fragmented packets.",
      "id": "GSD-2007-3711",
      "modified": "2023-12-13T01:21:41.642665Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2007-3711",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Unspecified vulnerability in TOS 2.1.x, 2.2.x before 2.2.5, and 2.5.x before 2.5.2 on TippingPoint IPS allows remote attackers to avoid detection by sending certain fragmented packets."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://www.cybsec.com/vuln/CYBSEC-Security_Pre-Advisory_3Com_TippingPoint_IPS_Detection_Bypass_2.pdf",
            "refsource": "MISC",
            "url": "http://www.cybsec.com/vuln/CYBSEC-Security_Pre-Advisory_3Com_TippingPoint_IPS_Detection_Bypass_2.pdf"
          },
          {
            "name": "24861",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/24861"
          },
          {
            "name": "ADV-2007-2489",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2007/2489"
          },
          {
            "name": "26017",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/26017"
          },
          {
            "name": "http://www.3com.com/securityalert/alerts/3COM-07-002.html",
            "refsource": "CONFIRM",
            "url": "http://www.3com.com/securityalert/alerts/3COM-07-002.html"
          },
          {
            "name": "tippingpoint-fragmented-security-bypass(35343)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35343"
          },
          {
            "name": "1018386",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id?1018386"
          },
          {
            "name": "20070611 TippingPoint detection bypass",
            "refsource": "FULLDISC",
            "url": "http://archives.neohapsis.com/archives/fulldisclosure/2007-07/0210.html"
          },
          {
            "name": "35969",
            "refsource": "OSVDB",
            "url": "http://osvdb.org/35969"
          },
          {
            "name": "20070711 TippingPoint detection bypass",
            "refsource": "BUGTRAQ",
            "url": "http://www.securityfocus.com/archive/1/473394/100/0/threaded"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:3com:tippingpoint_ips_tos:2.2.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:3com:tippingpoint_ips_tos:2.2.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:3com:tippingpoint_ips_tos:2.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:3com:tippingpoint_ips_tos:2.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:3com:tippingpoint_ips_tos:2.5.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:3com:tippingpoint_ips_tos:2.2.1.6506:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:3com:tippingpoint_ips_tos:2.2.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:3com:tippingpoint_ips_tos:2.1.4.6324:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:3com:tippingpoint_ips_tos:2.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:3com:tippingpoint_ips_tos:2.2.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-3711"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Unspecified vulnerability in TOS 2.1.x, 2.2.x before 2.2.5, and 2.5.x before 2.5.2 on TippingPoint IPS allows remote attackers to avoid detection by sending certain fragmented packets."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-20"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.3com.com/securityalert/alerts/3COM-07-002.html",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.3com.com/securityalert/alerts/3COM-07-002.html"
            },
            {
              "name": "26017",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/26017"
            },
            {
              "name": "http://www.cybsec.com/vuln/CYBSEC-Security_Pre-Advisory_3Com_TippingPoint_IPS_Detection_Bypass_2.pdf",
              "refsource": "MISC",
              "tags": [],
              "url": "http://www.cybsec.com/vuln/CYBSEC-Security_Pre-Advisory_3Com_TippingPoint_IPS_Detection_Bypass_2.pdf"
            },
            {
              "name": "24861",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/24861"
            },
            {
              "name": "1018386",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id?1018386"
            },
            {
              "name": "ADV-2007-2489",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2007/2489"
            },
            {
              "name": "20070611 TippingPoint detection bypass",
              "refsource": "FULLDISC",
              "tags": [],
              "url": "http://archives.neohapsis.com/archives/fulldisclosure/2007-07/0210.html"
            },
            {
              "name": "35969",
              "refsource": "OSVDB",
              "tags": [],
              "url": "http://osvdb.org/35969"
            },
            {
              "name": "tippingpoint-fragmented-security-bypass(35343)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35343"
            },
            {
              "name": "20070711 TippingPoint detection bypass",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/473394/100/0/threaded"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": true,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2018-10-15T21:29Z",
      "publishedDate": "2007-07-11T23:30Z"
    }
  }
}

FKIE_CVE-2007-3711

Vulnerability from fkie_nvd - Published: 2007-07-11 23:30 - Updated: 2025-04-09 00:30

Severity ?

Summary

Unspecified vulnerability in TOS 2.1.x, 2.2.x before 2.2.5, and 2.5.x before 2.5.2 on TippingPoint IPS allows remote attackers to avoid detection by sending certain fragmented packets.

References

URL	Tags
cve@mitre.org	http://archives.neohapsis.com/archives/fulldisclosure/2007-07/0210.html
cve@mitre.org	http://osvdb.org/35969
cve@mitre.org	http://secunia.com/advisories/26017	Vendor Advisory
cve@mitre.org	http://www.3com.com/securityalert/alerts/3COM-07-002.html	Vendor Advisory
cve@mitre.org	http://www.cybsec.com/vuln/CYBSEC-Security_Pre-Advisory_3Com_TippingPoint_IPS_Detection_Bypass_2.pdf
cve@mitre.org	http://www.securityfocus.com/archive/1/473394/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/bid/24861
cve@mitre.org	http://www.securitytracker.com/id?1018386
cve@mitre.org	http://www.vupen.com/english/advisories/2007/2489
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/35343
af854a3a-2127-422b-91ae-364da2661108	http://archives.neohapsis.com/archives/fulldisclosure/2007-07/0210.html
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/35969
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/26017	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.3com.com/securityalert/alerts/3COM-07-002.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.cybsec.com/vuln/CYBSEC-Security_Pre-Advisory_3Com_TippingPoint_IPS_Detection_Bypass_2.pdf
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/473394/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/24861
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1018386
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/2489
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/35343

Impacted products

Vendor	Product	Version
3com	tippingpoint_ips_tos	2.1
3com	tippingpoint_ips_tos	2.1.4.6324
3com	tippingpoint_ips_tos	2.2
3com	tippingpoint_ips_tos	2.2.1
3com	tippingpoint_ips_tos	2.2.1.6506
3com	tippingpoint_ips_tos	2.2.2
3com	tippingpoint_ips_tos	2.2.3
3com	tippingpoint_ips_tos	2.2.4
3com	tippingpoint_ips_tos	2.5
3com	tippingpoint_ips_tos	2.5.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:3com:tippingpoint_ips_tos:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "53E6DE7F-8507-4C37-A935-554D9F875C69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:3com:tippingpoint_ips_tos:2.1.4.6324:*:*:*:*:*:*:*",
              "matchCriteriaId": "6654346B-3574-48D1-9A0B-2750D6FF4D96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:3com:tippingpoint_ips_tos:2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "78E1B6D6-F779-451E-B4A9-E04D153F7F0C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:3com:tippingpoint_ips_tos:2.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1BCF4262-3F3F-44D7-BE61-1FDCF885C95F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:3com:tippingpoint_ips_tos:2.2.1.6506:*:*:*:*:*:*:*",
              "matchCriteriaId": "276F1810-A4E9-4621-A81A-19EED8146E60",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:3com:tippingpoint_ips_tos:2.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "272C0A76-2981-42EC-8D85-D33293BE96FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:3com:tippingpoint_ips_tos:2.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F789A9E-34D3-4C17-AAD3-9DA6B940FA45",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:3com:tippingpoint_ips_tos:2.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "87DD0AC2-05E3-4BE7-8EB6-60FA011AA742",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:3com:tippingpoint_ips_tos:2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B929C12-052F-4A42-B155-7A51152B902A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:3com:tippingpoint_ips_tos:2.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2F34B833-674E-4373-A9E1-62EA0A5F690E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unspecified vulnerability in TOS 2.1.x, 2.2.x before 2.2.5, and 2.5.x before 2.5.2 on TippingPoint IPS allows remote attackers to avoid detection by sending certain fragmented packets."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad no especificada en TOS 2.1.x, 2.2.x versiones anteriores a 2.2.5, y 2.5.x versiones anteriores a 2.5.2 en TippingPoint IPS permite a atacantes remotos evitar detecci\u00f3n al enviar determinados fragmentos de paquetes."
    }
  ],
  "id": "CVE-2007-3711",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": true,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2007-07-11T23:30:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://archives.neohapsis.com/archives/fulldisclosure/2007-07/0210.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/35969"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/26017"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.3com.com/securityalert/alerts/3COM-07-002.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.cybsec.com/vuln/CYBSEC-Security_Pre-Advisory_3Com_TippingPoint_IPS_Detection_Bypass_2.pdf"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/473394/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/24861"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id?1018386"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2007/2489"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35343"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://archives.neohapsis.com/archives/fulldisclosure/2007-07/0210.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/35969"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/26017"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.3com.com/securityalert/alerts/3COM-07-002.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.cybsec.com/vuln/CYBSEC-Security_Pre-Advisory_3Com_TippingPoint_IPS_Detection_Bypass_2.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/473394/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/24861"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1018386"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/2489"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35343"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2007-3711 (GCVE-0-2007-3711)

CERTA-2007-AVI-298

Description

Solution

CERTA-2007-AVI-298

Description

Solution

GHSA-8W88-PHHF-CPCQ

GSD-2007-3711

FKIE_CVE-2007-3711

Tags

Sightings

Nomenclature