3COM’s Zero Day Initiative Issues Advisory For Novell Vulnerability Discovered Through Program

MALBOROUGH, Mass. – November 18, 2005 – 3Com and its TippingPoint division, today announced new vulnerabilities in Novell discovered and disclosed through the Zero Day Initiative (ZDI). Through ZDI, 3Com notified Novell of the vulnerabilities and worked closely with them to issue a corresponding patch today, eliminating the threat of a zero day attack. The vulnerabilities were discovered in the Internet Message Access Protocol (IMAP) service in Novell Netmail 3.5.2 and could allow an attacker to compromise a vulnerable host.

Upon validating the vulnerability information, 3Com reported the threat to Novell on October 24, which in turn applied the necessary resources to address the vulnerabilities and issued the patch today. On October 24, 3Com also issued customers using the TippingPointTM Intrusion Prevention System (IPS) preemptive protection against potential zero day attacks targeting the vulnerability.

The Zero Day Initiative was launched by 3Com in July to enable the responsible disclosure of vulnerabilities in order to make technology more secure for users and businesses. A zero day vulnerability is one that is unknown or one that has been publicly disclosed without a corresponding patch or solution. Since the launch, over 200 researchers have registered for the program.

Through the program, 3Com rewards security researchers for responsibly informing 3Com of newly discovered zero day vulnerabilities. 3Com notifies the affected vendor so a patch can be developed and the researcher agrees to keep the information confidential until the patch is issued so affected organizations are not at risk of attack. In addition to protecting all users from zero day threats by ensuring potentially harmful information is kept confidential until a patch is issued, TippingPoint customers are protected against exploits of zero day vulnerabilities through security filters delivered through the Digital Vaccine® service.

“By working together with the security community to help ensure that vulnerability details are not released until a vendor patch is made available, we are making strides to alleviate zero day threats and giving end users more time to protect themselves before an exploit emerges,” said David Endler, director of security research for 3Com’s TippingPoint division. “We are extremely pleased with the results from the program thus far.”

Discovered by an independent researcher, the vulnerabilities allow remote attackers with valid IMAP credentials to execute arbitrary code on vulnerable installations. The Novell advisory is the third vendor vulnerability disclosed through ZDI with a corresponding patch.

For a full list of ZDI advisories and specific information on the Novell vulnerability, please visit: http://www.zerodayinitiative.com/advisories.html.

About TippingPoint, a division of 3Com
TippingPoint, a division of 3Com, is the leading provider of network-based intrusion prevention systems. The TippingPoint IPS is the most decorated in its industry. For a full list of awards, visit http://www.tippingpoint.com/products_certifications.html. Our innovative approach offers customers unmatched network-based security with unrivaled economics, ultra-high performance, scalability and reliability. TippingPoint is based in Austin, Texas, and can be contacted through its Web site at www.tippingpoint.com or by telephone at 1-888-TRUE-IPS.

About 3Com Corporation
3Com Corporation (NASDAQ: COMS) is a leading provider of secure, converged voice and data networking solutions for enterprises of all sizes. 3Com offers a broad line of innovative products backed by world class sales, service and support, which excel at delivering business value for its customers. Through its TippingPoint division, 3Com is the leading provider of network-based intrusion prevention systems that deliver in-depth application protection, infrastructure protection, and performance protection for corporate enterprises, government agencies, service providers and academic institutions. For further information, please visit www.3com.com, or the press site www.3com.com/pressbox.