Seems like this should be reported to bugtraq and the vendor as a pretty serious bug if it hasn't been already.
my 0.02
Stig
> -----Original Message-----
> From: Stephen Bradley [mailto:[EMAIL PROTECTED]]
> Sent: Friday, July 26, 2002 9:58 AM
> To: 'Baumgartner Christoph'; Michel Arboi; [EMAIL PROTECTED]
> Subject: RE: 3COM SuperStack3 4400 Scanning experience
>
>
> Actually Christoph I consider that to be great news that it crashes
> the 3Com boxes. It adds another tool to the mix and now we know which
> tool it is.
>
> thanks
> steve
>
>
> -----Original Message-----
> From: Baumgartner Christoph [mailto:[EMAIL PROTECTED]]
> Sent: Friday, July 26, 2002 8:17 AM
> To: Michel Arboi; [EMAIL PROTECTED]
> Subject: RE: 3COM SuperStack3 4400 Scanning experience
>
>
> Hi Michel
>
> Thanks for your and Renaud's prompt answer. To find the true cause, I
> have set the Nessus configuration as follows:
>
> Scan Options:
> - number of hosts to test at the same time: 1
> - number of checks to perform at the same time: 1
> - 'Safe checks'
>
> Prefs:
> - connect()
> - UDP port scan
> - RPC port scan
> - Identify the remote OS
> - Fragment IP packets
>
> I have found two plugins that are incompatible with 3COM SuperStack 3
> 4400 Switches:
>
> - 'doc/packages directory browsable?' It forces the switch to reboot,
> waits until it is up and running again, just to crash it
> another time. A
> never ending story :-( I had to unplug the box to wait until the nasty
> plugin time out.
>
> - 'Apache Tomcat/servlet Cross Site Scripting' Same result, but it
> crashed the box only once. After that the next plugin began its test.
>
> I just wanted to inform the Nessus community to prevent others from
> further damage in connection with testing 3COM components. In
> a month, I
> have to test a productive environment with hundreds of 3COM network
> components. After that, I might have learned a lot about 3COM...
>
> Christoph Baumgartner
>
>
> -
> [EMAIL PROTECTED]: general discussions about Nessus.
> * To unsubscribe, send a mail to [EMAIL PROTECTED] with
> "unsubscribe nessus" in the body.
> * To subscribe again, send a mail to [EMAIL PROTECTED] with
> "subscribe nessus" in the body
> -
> [EMAIL PROTECTED]: general discussions about Nessus.
> * To unsubscribe, send a mail to [EMAIL PROTECTED] with
> "unsubscribe nessus" in the body.
> * To subscribe again, send a mail to [EMAIL PROTECTED] with
> "subscribe nessus" in the body
>
