HP ProCurve Switch Denial of Service Vulnerability

A problem with the switch could make it possible to deny telnet service to legitimate users of the device. The problem is in the handling of port scans by the device.

A ProCurve switch could be led to deny telnet users service of the switch. When the switch is portscanned by a tool such as nmap, which is capable of producing a high amount of TCP connect() requests in a short period of time, the switch will no longer accept new telnet connections.

Reportedly, this issue does not affect ICMP or SNMP management of the device, nor are existing telnet sessions disconnected. Rebooting the switch may be required in order to regain normal functionality.

HP ProCurve 4000M with firmware version C.09.09 or C.08.22 are reported to be susceptible to this issue.


Privacy Statement
Copyright 2010, SecurityFocus