Patching an IPS – 16 months!
July 13th, 2007 by Juha-Matti, Filed under: Commentary, Corporate Security, Culture, Web
TippingPoint Technologies has released two alerts this week reporting vulnerabilities in TippingPoint IPS.
The first is a signature-evasion issue reported by Paul Craig of Security-Assessment.com.
3Com’s Alert 07-003
(CVE-2007-3701)
The second is a problem in the handling of fragmented packets.
Bypassing the intrusion prevention system is possible.
3Com’s Alert 07-002
(CVE-2007-3711)
But according to the disclosure timeline [pdf] of Andres Riancho, Cybsec Security Systems, the vendor was already contacted on 6th February, 2006.
The updated TOS version was released on 4th July, 2007, i.e. last week.
I’m not saying 3Com is slow when fixing vulnerabilities; I think this issue was extremely difficult to resolve. Cybsec will “disclose technical details 30 days after publication of pre-advisory”. Let’s wait!



