3Com’s Zero Day Initiative Alleviates First Threat Discovered Through Program
MARLBOROUGH, Mass. – October 12, 2005 – 3Com and its TippingPoint division today announced the first vulnerability disclosed through the Zero Day Initiative (ZDI) and worked closely with the affected vendor to issue a corresponding patch, eliminating the threat of a zero day attack. The vulnerability was discovered in Veritas NetBackup versions 4.5 through 6.0 from Symantec.
Upon obtaining the vulnerability information, 3Com immediately reported the threat on September 12 to Symantec, which in turn applied the necessary resources to address the vulnerability and issued the patch today. Shortly after 3Com reported the threat to Symantec, 3Com customers using the TippingPoint™ IPS were issued protection against zero day attacks targeting the Symantec vulnerability, and have been preemptively protected for nearly one month.
The Zero Day Initiative was launched by 3Com in July to enable the responsible disclosure of vulnerabilities in order to make technology more secure for users and businesses. Since the launch, over 150 researchers have registered for the program.
Through the program, 3Com rewards security researchers for responsibly informing 3Com of newly discovered zero day vulnerabilities, vulnerabilities that are unknown and for which there is no patch. 3Com notifies the affected vendor so a patch can be developed and the researcher agrees to keep the information confidential until the patch is issued so affected organizations are not at risk of attack. In addition to protecting all users from zero day threats by ensuring potentially harmful information is kept confidential until a patch is issued, TippingPoint customers are protected against exploits of zero day vulnerabilities through security filters delivered through the Digital Vaccine® service.
“The response we have received from launching ZDI has far exceeded our expectations,” said 3Com Chief Technology Officer Marc Willebeek-LeMair. “By harnessing the resources of the security community, we believe we have built the future model for security research and preemptive protection. We will continue to leverage our success to help benefit the entire security community by eliminating zero day threats, giving affected vendors time to patch and giving our customers preemptive protection via our intrusion prevention filters.”
Discovered by an independent researcher, this vulnerability allows remote attackers to execute arbitrary code on vulnerable NetBackup installations. This specific flaw exists within the bpjava-msvc daemon due to incorrect handling of format string data passed through the “COMMAND_LOGON_TO_MSERVER” command. The vulnerable daemon listens on TCP port 13722, and the flaw affects both NetBackup clients and servers.
For more information on the Veritas vulnerability, please visit http://www.zerodayinitiative.com/advisories/ZDI-05-001.html.
About TippingPoint, a division of 3Com
TippingPoint, a division of 3Com, is the leading provider of network-based intrusion prevention systems. The TippingPoint IPS is the most decorated in its industry. For a full list of awards, visit http://www.tippingpoint.com/products_certifications.html. Our innovative approach offers customers unmatched network-based security with unrivaled economics, ultra-high performance, scalability and reliability. TippingPoint is based in Austin, Texas, and can be contacted through its Web site at www.tippingpoint.com or by telephone at 1-888-TRUE-IPS.
About 3Com Corporation
3Com Corporation (NASDAQ: COMS) is a leading provider of secure, converged voice and data networking solutions for enterprises of all sizes. 3Com offers a broad line of innovative products backed by world class sales, service and support, which excel at delivering business value for its customers. Through its TippingPoint division, 3Com is the leading provider of network-based intrusion prevention systems that deliver in-depth application protection, infrastructure protection, and performance protection for corporate enterprises, government agencies, service providers and academic institutions. For further information, please visit www.3com.com, or the press site www.3com.com/pressbox.