Media releases are provided as is by companies and have not been edited or checked for accuracy. Any queries should be directed to the company itself.

3Com's Zero Day Initiative alleviates first threat discovered through program

  • 13 October, 2005 11:28

<p>Zero Day Initiative Leads to Discovery and Patch of Vulnerability through Collaboration with Vendor; 3Com Protects Customers Before Flaw Disclosed Publicly</p>
<p>Sydney, Australia. – 13 October 2005 – 3Com and its TippingPoint division, today announced the first vulnerability disclosed through the Zero Day Initiative (ZDI) and worked closely with the affected vendor to issue a corresponding patch, eliminating the threat of a zero day attack. The vulnerability was discovered in Veritas NetBackup versions 4.5 through 6.0 from Symantec.</p>
<p>Upon obtaining the vulnerability information, 3Com immediately reported the threat to Symantec on 12 September, which in turn applied the necessary resources to address the vulnerability and issued the patch today. Shortly after reporting the threat to Symantec, 3Com customers using the TippingPointTM IPS were issued protection against zero day attacks targeting the Symantec vulnerability, and have been pre-emptively protected for nearly one month.</p>
<p>The Zero Day Initiative was launched by 3Com in July to enable the responsible disclosure of vulnerabilities in order to make technology more secure for users and businesses. Since the launch, over 150 researchers have registered for the program.</p>
<p>Through the program, 3Com rewards security researchers for responsibly informing 3Com of newly discovered zero day vulnerabilities, vulnerabilities that are unknown and for which there is no patch. 3Com notifies the affected vendor so a patch can be developed and the researcher agrees to keep the information confidential until the patch is issued so affected organisations are not at risk of attack. In addition to protecting all users from zero day threats by ensuring potentially harmful information is kept confidential until a patch is issued, TippingPoint customers are protected against exploits of zero day vulnerabilities through security filters delivered through the Digital Vaccine® service.</p>
<p>“The response we have received from launching ZDI has far exceeded our expectations,” said 3Com Chief Technology Officer Marc Willebeek-LeMair. “By harnessing the resources of the security community, we believe we have built the future model for security research and preemptive protection. We will continue to leverage our success to help benefit the entire security community by eliminating zero day threats, giving affected vendors time to patch and giving our customers preemptive protection via our intrusion prevention filters.”</p>
<p>Discovered by an independent researcher, this vulnerability allows remote attackers to execute arbitrary code on vulnerable NetBackup installations. This specific flaw exists within the bpjava-msvc daemon due to incorrect handling of format string data passed through the ‘COMMAND_LOGON_TO_MSERVER’ command. The vulnerable daemon listens on TCP port 13722 and affects both NetBackup clients and servers.</p>
<p>For more information on the Veritas vulnerability, please visit
http://www.zerodayinitiative.com/advisories/ZDI-05-001.html</p>
<p>About TippingPoint, a division of 3Com</p>
<p>TippingPoint, a division of 3Com, is the leading provider of network-based intrusion prevention systems. The TippingPoint IPS is the most decorated in its industry. For a full list of awards, visit http://www.tippingpoint.com/products_certifications.html. Our innovative approach offers customers unmatched network-based security with unrivalled economics, ultra-high performance, scalability and reliability. TippingPoint is based in
Austin, Texas, and can be contacted through its Web site at www.tippingpoint.com or by telephone at 1-888-TRUE-IPS.</p>
<p>About 3Com Corporation</p>
<p>3Com Corporation (NASDAQ: COMS) is a leading provider of secure, converged voice and data networking solutions for enterprises of all sizes. 3Com offers a broad line of innovative products backed by world class sales, service and support, which excel at delivering business value for its customers. Through its TippingPoint division, 3Com is the leading provider of network-based intrusion prevention systems that deliver in-depth application protection, infrastructure protection, and performance protection for corporate enterprises, government agencies, service providers and academic institutions. For further information, please visit www.3com.com, or the press site www.3com.com/pressbox.</p>
<p>Copyright © 2005 3Com Corporation. 3Com, the 3Com logo and Digital Vaccine are registered trademarks and TippingPoint is a trademark of 3Com Corporation or its subsidiaries. All other company and product names may be trademarks of their respective holders.</p>
<p>###</p>
<p>For further information, please contact:
Felicity Harrigan
Red Agency
02 9955 7877
felicity.harrigan@redagency.com.au</p>

Most Popular

Cool Tech

Toys for Boys

Family Friendly

Stocking Stuffer

SmartLens - Clip on Phone Camera Lens Set of 3

Learn more >

Christmas Gift Guide

Click for more ›

Brand Post

Most Popular Reviews

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Latest Articles

Resources

PCW Evaluation Team

Aysha Strobbe

Microsoft Office 365/HP Spectre x360

Microsoft Office continues to make a student’s life that little bit easier by offering reliable, easy to use, time-saving functionality, while continuing to develop new features that further enhance what is already a formidable collection of applications

Michael Hargreaves

Microsoft Office 365/Dell XPS 15 2-in-1

I’d recommend a Dell XPS 15 2-in-1 and the new Windows 10 to anyone who needs to get serious work done (before you kick back on your couch with your favourite Netflix show.)

Maryellen Rose George

Brother PT-P750W

It’s useful for office tasks as well as pragmatic labelling of equipment and storage – just don’t get too excited and label everything in sight!

Cathy Giles

Brother MFC-L8900CDW

The Brother MFC-L8900CDW is an absolute stand out. I struggle to fault it.

Luke Hill

MSI GT75 TITAN

I need power and lots of it. As a Front End Web developer anything less just won’t cut it which is why the MSI GT75 is an outstanding laptop for me. It’s a sleek and futuristic looking, high quality, beast that has a touch of sci-fi flare about it.

Emily Tyson

MSI GE63 Raider

If you’re looking to invest in your next work horse laptop for work or home use, you can’t go wrong with the MSI GE63.

Featured Content

Product Launch Showcase

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?