Vulnerability Description
3COM OfficeConnect 812 and 840 ADSL Router 4.2, running OCR812 router software 1.1.9 and earlier, allows remote attackers to cause a denial of service via a long string containing a large number of "%s" strings, possibly triggering a format string vulnerability.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| 3Com | 3C840-Us | <= 1.1.9 |
| 3Com | 3Cp4144 | <= 1.1.9 |
References
- http://archives.neohapsis.com/archives/bugtraq/2001-05/0115.htmlExploitVendor Advisory
- http://marc.info/?l=bugtraq&m=100119572524232&w=2
- http://marc.info/?l=bugtraq&m=100137290421828&w=2
- http://www.securityfocus.com/bid/2721ExploitPatchVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/6573
- http://archives.neohapsis.com/archives/bugtraq/2001-05/0115.htmlExploitVendor Advisory
- http://marc.info/?l=bugtraq&m=100119572524232&w=2
- http://marc.info/?l=bugtraq&m=100137290421828&w=2
- http://www.securityfocus.com/bid/2721ExploitPatchVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/6573
FAQ
What is CVE-2001-0740?
CVE-2001-0740 is a vulnerability with a CVSS score of 5.0 (MEDIUM). 3COM OfficeConnect 812 and 840 ADSL Router 4.2, running OCR812 router software 1.1.9 and earlier, allows remote attackers to cause a denial of service via a long string containing a large number of "%...
How severe is CVE-2001-0740?
CVE-2001-0740 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2001-0740?
Check the references section above for vendor advisories and patch information. Affected products include: 3Com 3C840-Us, 3Com 3Cp4144.