Patching an IPS – 16 months !
TippingPoint Technologies has released two alerts reporting about vulnerabilities in TippingPoint IPS this week.
The first issue is Signature Evasion type issue reported by Paul Craig, Security-Assessment.com.
3Com’s Alert 07-003
The second one is problem in the handling of fragmented packets.
Bypassing the intrusion prevention system is possible.
3Com’s Alert 07-002
But when looking into disclosure timeline [pdf] of Andres Riancho, Cybsec Security Systems the vendor was contacted on 6th February, 2006 already.
The updated TOS version was released on 4th July, 2007, i.e. last week.
I’m not saying 3Com is slow when fixing vulnerabilities, I think this issue was extremely difficult to resolve. Cybsec will “disclose technical details 30 days after publication of pre-advisory”. Let’s wait!