3COM-07-002
TippingPoint™ IPS Filter Bypass Vulnerability

July 10, 2007

CVE ID:
Not yet assigned.

Affected Vendor:
3Com TippingPoint

Affected Products:
TippingPoint IPS running TOS versions 2.1.x, 2.2.x prior to 2.2.5, and 2.5.x
prior to 2.5.2

Severity Assessment : Moderate

Vulnerability Details:
TippingPoint has identified an evasion in the TippingPoint Operating System (TOS). This evasion can allow remote attackers to bypass detection by fragmenting packets in a specific manner.

Update Availability:
This issue has been addressed in TippingPoint IPS TOS release version 2.5.2 and 2.2.5. Customers can obtain the update from the Threat Management Center: http://tmc.tippingpoint.com.

Workarounds:
There are currently no known workarounds for this issue.

Credit:
This vulnerability was discovered by Andres Riancho of Cybsec Security Systems

Support:
Technical support is available by contacting TippingPoint Technical Support at
866-681-8324.