Test ID:	1.3.6.1.4.1.25623.1.0.12221
Category:	Web application abuses
Title:	3Com NBX VoIP NetSet Detection (HTTP)
Summary:	We have discovered that 3Com NBX VOIP NetSet is running; on the remote host. 3Com NBX VoIP NetSet's web server is powered by VxWorks.
Description:	Summary: We have discovered that 3Com NBX VOIP NetSet is running on the remote host. 3Com NBX VoIP NetSet's web server is powered by VxWorks. Vulnerability Insight: The web server is known to contain vulnerabilities that would allow a remote attacker to cause a denial of service against the product by simply running a port scanning/vulnerability scanning engine against it. Affected Software/OS: Problems have been observed in Netset 4.2.7, but previous 4.1 versions seem to be ok. Solution: No known solution was made available for at least one year since the disclosure of this vulnerability. Likely none will be provided anymore. General solution options are to upgrade to a newer release, disable respective features, remove the product or replace the product by another one. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2004-1977 BugTraq ID: 10240 http://www.securityfocus.com/bid/10240 Bugtraq: 20040429 3com NBX VOIP NetSet Denial of Service Attack (Google Search) http://marc.info/?l=bugtraq&m=108334887408554&w=2 http://www.secnap.net/security/20040420.html http://secunia.com/advisories/11504 http://archives.neohapsis.com/archives/vulnwatch/2004-q1/0092.html XForce ISS Database: 3com-nbx-scan-dos(16015) https://exchange.xforce.ibmcloud.com/vulnerabilities/16015
Copyright	Copyright (C) 2004 Noam Rathaus

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.