Vulnerability-Lookup - Search a vulnerability

Search criteria

Vendor

Product

Assigner

Sources

Sort by

Order

FKIE_CVE-2011-0355

Vulnerability from fkie_nvd - Published: 2011-02-17 18:00 - Updated: 2025-04-11 00:51

Severity ?

Summary

Cisco Nexus 1000V Virtual Ethernet Module (VEM) 4.0(4) SV1(1) through SV1(3b), as used in VMware ESX 4.0 and 4.1 and ESXi 4.0 and 4.1, does not properly handle dropped packets, which allows guest OS users to cause a denial of service (ESX or ESXi host OS crash) by sending an 802.1Q tagged packet over an access vEthernet port, aka Cisco Bug ID CSCtj17451.

References

URL	Tags
psirt@cisco.com	http://lists.vmware.com/pipermail/security-announce/2011/000118.html
psirt@cisco.com	http://secunia.com/advisories/43084	Vendor Advisory
psirt@cisco.com	http://securityreason.com/securityalert/8090
psirt@cisco.com	http://securitytracker.com/id?1025030
psirt@cisco.com	http://www.cisco.com/en/US/docs/switches/datacenter/nexus1000/sw/4_0_4_s_v_1_3_c/release/notes/n1000v_rn.html
psirt@cisco.com	http://www.osvdb.org/70837
psirt@cisco.com	http://www.securityfocus.com/archive/1/516259/100/0/threaded
psirt@cisco.com	http://www.securityfocus.com/bid/46247
psirt@cisco.com	http://www.vmware.com/security/advisories/VMSA-2011-0002.html	Vendor Advisory
psirt@cisco.com	http://www.vupen.com/english/advisories/2011/0314	Vendor Advisory
psirt@cisco.com	http://www.vupen.com/english/advisories/2011/0315	Vendor Advisory
psirt@cisco.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/65217
af854a3a-2127-422b-91ae-364da2661108	http://lists.vmware.com/pipermail/security-announce/2011/000118.html
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/43084	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securityreason.com/securityalert/8090
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1025030
af854a3a-2127-422b-91ae-364da2661108	http://www.cisco.com/en/US/docs/switches/datacenter/nexus1000/sw/4_0_4_s_v_1_3_c/release/notes/n1000v_rn.html
af854a3a-2127-422b-91ae-364da2661108	http://www.osvdb.org/70837
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/516259/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/46247
af854a3a-2127-422b-91ae-364da2661108	http://www.vmware.com/security/advisories/VMSA-2011-0002.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2011/0314	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2011/0315	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/65217

Impacted products

Vendor	Product	Version
cisco	1000v_virtual_ethernet_module_\(vem\)	4.0\(4\)
cisco	1000v_virtual_ethernet_module_\(vem\)	4.0\(4\)
cisco	1000v_virtual_ethernet_module_\(vem\)	4.0\(4\)
cisco	1000v_virtual_ethernet_module_\(vem\)	4.0\(4\)
cisco	1000v_virtual_ethernet_module_\(vem\)	4.0\(4\)
vmware	esx	4.0
vmware	esx	4.1
vmware	esxi	4.0
vmware	esxi	4.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:1000v_virtual_ethernet_module_\\(vem\\):4.0\\(4\\):sv1\\(1\\):*:*:*:*:*:*",
              "matchCriteriaId": "DF896363-85C3-4430-A77A-94B4054B97CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:1000v_virtual_ethernet_module_\\(vem\\):4.0\\(4\\):sv1\\(2\\):*:*:*:*:*:*",
              "matchCriteriaId": "F81223EE-9540-4BA6-9177-D282651A8247",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:1000v_virtual_ethernet_module_\\(vem\\):4.0\\(4\\):sv1\\(3\\):*:*:*:*:*:*",
              "matchCriteriaId": "E90F8CC2-61A5-496C-962E-56155AD51B91",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:1000v_virtual_ethernet_module_\\(vem\\):4.0\\(4\\):sv1\\(3a\\):*:*:*:*:*:*",
              "matchCriteriaId": "6162DFCA-0D2D-48EC-B260-8094D02725B5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:1000v_virtual_ethernet_module_\\(vem\\):4.0\\(4\\):sv1\\(3b\\):*:*:*:*:*:*",
              "matchCriteriaId": "1905D672-E067-441E-944D-2E368E53451D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:vmware:esx:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "889DE9BE-886F-4BEF-A794-5B5DE73D2322",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:esx:4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D3C6FC4-DAE3-42DB-B845-593BBD2A50BF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:esxi:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6BDAA7C8-8F2F-4037-A517-2C1EDB70B203",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:esxi:4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "73C9E205-87EE-4CE2-A252-DED7BB6D4EAE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Cisco Nexus 1000V Virtual Ethernet Module (VEM) 4.0(4) SV1(1) through SV1(3b), as used in VMware ESX 4.0 and 4.1 and ESXi 4.0 and 4.1, does not properly handle dropped packets, which allows guest OS users to cause a denial of service (ESX or ESXi host OS crash) by sending an 802.1Q tagged packet over an access vEthernet port, aka Cisco Bug ID CSCtj17451."
    },
    {
      "lang": "es",
      "value": "Cisco Nexus 1000V Virtual Ethernet Module (VEM) v4.0 (4) SV1 (1) hasta SV1 (3b), tal como se utiliza en VMware ESX v4.0 y v4.1 ESXi  v4.0 y v4.1, no maneja adecuadamente paquetes eliminados, permitiendo a usuarios invitado del sistema operativo causar una denegaci\u00f3n de servicio (ca\u00edda del host ESX o ESXi) mediante el env\u00edo de un paquete 802.1Q etiquetado sobre un puerto vEthernet de acceso, tambi\u00e9n conocido como error de Cisco ID CSCtj17451."
    }
  ],
  "id": "CVE-2011-0355",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2011-02-17T18:00:03.557",
  "references": [
    {
      "source": "psirt@cisco.com",
      "url": "http://lists.vmware.com/pipermail/security-announce/2011/000118.html"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/43084"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://securityreason.com/securityalert/8090"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://securitytracker.com/id?1025030"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.cisco.com/en/US/docs/switches/datacenter/nexus1000/sw/4_0_4_s_v_1_3_c/release/notes/n1000v_rn.html"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.osvdb.org/70837"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securityfocus.com/archive/1/516259/100/0/threaded"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securityfocus.com/bid/46247"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vmware.com/security/advisories/VMSA-2011-0002.html"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2011/0314"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2011/0315"
    },
    {
      "source": "psirt@cisco.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65217"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.vmware.com/pipermail/security-announce/2011/000118.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/43084"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securityreason.com/securityalert/8090"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1025030"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.cisco.com/en/US/docs/switches/datacenter/nexus1000/sw/4_0_4_s_v_1_3_c/release/notes/n1000v_rn.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/70837"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/516259/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/46247"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vmware.com/security/advisories/VMSA-2011-0002.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2011/0314"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2011/0315"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65217"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-399"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CVE-2011-0355 (GCVE-0-2011-0355)

Vulnerability from cvelistv5 – Published: 2011-02-17 17:00 – Updated: 2024-08-06 21:51

Summary

Cisco Nexus 1000V Virtual Ethernet Module (VEM) 4.0(4) SV1(1) through SV1(3b), as used in VMware ESX 4.0 and 4.1 and ESXi 4.0 and 4.1, does not properly handle dropped packets, which allows guest OS users to cause a denial of service (ESX or ESXi host OS crash) by sending an 802.1Q tagged packet over an access vEthernet port, aka Cisco Bug ID CSCtj17451.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

cisco

References

URL

Tags

	http://secunia.com/advisories/43084	third-party-advisoryx_refsource_SECUNIA
	http://www.securityfocus.com/archive/1/516259/100…	mailing-listx_refsource_BUGTRAQ
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://securitytracker.com/id?1025030	vdb-entryx_refsource_SECTRACK
	http://www.vupen.com/english/advisories/2011/0314	vdb-entryx_refsource_VUPEN
	http://www.securityfocus.com/bid/46247	vdb-entryx_refsource_BID
	http://lists.vmware.com/pipermail/security-announ…	mailing-listx_refsource_MLIST
	http://securityreason.com/securityalert/8090	third-party-advisoryx_refsource_SREASON
	http://www.osvdb.org/70837	vdb-entryx_refsource_OSVDB
	http://www.vmware.com/security/advisories/VMSA-20…	x_refsource_CONFIRM
	http://www.cisco.com/en/US/docs/switches/datacent…	x_refsource_CONFIRM
	http://www.vupen.com/english/advisories/2011/0315	vdb-entryx_refsource_VUPEN

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T21:51:08.255Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "43084",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43084"
          },
          {
            "name": "20110208 VMSA-2011-0002 Cisco Nexus 1000V VEM updates address denial of service in VMware ESX/ESXi",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/516259/100/0/threaded"
          },
          {
            "name": "cisco-nexus-packets-dos(65217)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65217"
          },
          {
            "name": "1025030",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1025030"
          },
          {
            "name": "ADV-2011-0314",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0314"
          },
          {
            "name": "46247",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/46247"
          },
          {
            "name": "[security-announce] 20110207 VMSA-2011-0002 Cisco Nexus 1000V VEM updates address denial of service in VMware ESX/ESXi",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://lists.vmware.com/pipermail/security-announce/2011/000118.html"
          },
          {
            "name": "8090",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASON",
              "x_transferred"
            ],
            "url": "http://securityreason.com/securityalert/8090"
          },
          {
            "name": "70837",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/70837"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/security/advisories/VMSA-2011-0002.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.cisco.com/en/US/docs/switches/datacenter/nexus1000/sw/4_0_4_s_v_1_3_c/release/notes/n1000v_rn.html"
          },
          {
            "name": "ADV-2011-0315",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0315"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-02-07T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Cisco Nexus 1000V Virtual Ethernet Module (VEM) 4.0(4) SV1(1) through SV1(3b), as used in VMware ESX 4.0 and 4.1 and ESXi 4.0 and 4.1, does not properly handle dropped packets, which allows guest OS users to cause a denial of service (ESX or ESXi host OS crash) by sending an 802.1Q tagged packet over an access vEthernet port, aka Cisco Bug ID CSCtj17451."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-10T18:57:01",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "43084",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43084"
        },
        {
          "name": "20110208 VMSA-2011-0002 Cisco Nexus 1000V VEM updates address denial of service in VMware ESX/ESXi",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/516259/100/0/threaded"
        },
        {
          "name": "cisco-nexus-packets-dos(65217)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65217"
        },
        {
          "name": "1025030",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1025030"
        },
        {
          "name": "ADV-2011-0314",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0314"
        },
        {
          "name": "46247",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/46247"
        },
        {
          "name": "[security-announce] 20110207 VMSA-2011-0002 Cisco Nexus 1000V VEM updates address denial of service in VMware ESX/ESXi",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://lists.vmware.com/pipermail/security-announce/2011/000118.html"
        },
        {
          "name": "8090",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASON"
          ],
          "url": "http://securityreason.com/securityalert/8090"
        },
        {
          "name": "70837",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/70837"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/security/advisories/VMSA-2011-0002.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.cisco.com/en/US/docs/switches/datacenter/nexus1000/sw/4_0_4_s_v_1_3_c/release/notes/n1000v_rn.html"
        },
        {
          "name": "ADV-2011-0315",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0315"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2011-0355",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cisco Nexus 1000V Virtual Ethernet Module (VEM) 4.0(4) SV1(1) through SV1(3b), as used in VMware ESX 4.0 and 4.1 and ESXi 4.0 and 4.1, does not properly handle dropped packets, which allows guest OS users to cause a denial of service (ESX or ESXi host OS crash) by sending an 802.1Q tagged packet over an access vEthernet port, aka Cisco Bug ID CSCtj17451."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "43084",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/43084"
            },
            {
              "name": "20110208 VMSA-2011-0002 Cisco Nexus 1000V VEM updates address denial of service in VMware ESX/ESXi",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/516259/100/0/threaded"
            },
            {
              "name": "cisco-nexus-packets-dos(65217)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65217"
            },
            {
              "name": "1025030",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1025030"
            },
            {
              "name": "ADV-2011-0314",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0314"
            },
            {
              "name": "46247",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/46247"
            },
            {
              "name": "[security-announce] 20110207 VMSA-2011-0002 Cisco Nexus 1000V VEM updates address denial of service in VMware ESX/ESXi",
              "refsource": "MLIST",
              "url": "http://lists.vmware.com/pipermail/security-announce/2011/000118.html"
            },
            {
              "name": "8090",
              "refsource": "SREASON",
              "url": "http://securityreason.com/securityalert/8090"
            },
            {
              "name": "70837",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/70837"
            },
            {
              "name": "http://www.vmware.com/security/advisories/VMSA-2011-0002.html",
              "refsource": "CONFIRM",
              "url": "http://www.vmware.com/security/advisories/VMSA-2011-0002.html"
            },
            {
              "name": "http://www.cisco.com/en/US/docs/switches/datacenter/nexus1000/sw/4_0_4_s_v_1_3_c/release/notes/n1000v_rn.html",
              "refsource": "CONFIRM",
              "url": "http://www.cisco.com/en/US/docs/switches/datacenter/nexus1000/sw/4_0_4_s_v_1_3_c/release/notes/n1000v_rn.html"
            },
            {
              "name": "ADV-2011-0315",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0315"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2011-0355",
    "datePublished": "2011-02-17T17:00:00",
    "dateReserved": "2011-01-07T00:00:00",
    "dateUpdated": "2024-08-06T21:51:08.255Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2011-0355 (GCVE-0-2011-0355)

Vulnerability from nvd – Published: 2011-02-17 17:00 – Updated: 2024-08-06 21:51

Summary

Cisco Nexus 1000V Virtual Ethernet Module (VEM) 4.0(4) SV1(1) through SV1(3b), as used in VMware ESX 4.0 and 4.1 and ESXi 4.0 and 4.1, does not properly handle dropped packets, which allows guest OS users to cause a denial of service (ESX or ESXi host OS crash) by sending an 802.1Q tagged packet over an access vEthernet port, aka Cisco Bug ID CSCtj17451.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

cisco

References

URL

Tags

	http://secunia.com/advisories/43084	third-party-advisoryx_refsource_SECUNIA
	http://www.securityfocus.com/archive/1/516259/100…	mailing-listx_refsource_BUGTRAQ
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://securitytracker.com/id?1025030	vdb-entryx_refsource_SECTRACK
	http://www.vupen.com/english/advisories/2011/0314	vdb-entryx_refsource_VUPEN
	http://www.securityfocus.com/bid/46247	vdb-entryx_refsource_BID
	http://lists.vmware.com/pipermail/security-announ…	mailing-listx_refsource_MLIST
	http://securityreason.com/securityalert/8090	third-party-advisoryx_refsource_SREASON
	http://www.osvdb.org/70837	vdb-entryx_refsource_OSVDB
	http://www.vmware.com/security/advisories/VMSA-20…	x_refsource_CONFIRM
	http://www.cisco.com/en/US/docs/switches/datacent…	x_refsource_CONFIRM
	http://www.vupen.com/english/advisories/2011/0315	vdb-entryx_refsource_VUPEN

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T21:51:08.255Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "43084",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43084"
          },
          {
            "name": "20110208 VMSA-2011-0002 Cisco Nexus 1000V VEM updates address denial of service in VMware ESX/ESXi",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/516259/100/0/threaded"
          },
          {
            "name": "cisco-nexus-packets-dos(65217)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65217"
          },
          {
            "name": "1025030",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1025030"
          },
          {
            "name": "ADV-2011-0314",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0314"
          },
          {
            "name": "46247",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/46247"
          },
          {
            "name": "[security-announce] 20110207 VMSA-2011-0002 Cisco Nexus 1000V VEM updates address denial of service in VMware ESX/ESXi",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://lists.vmware.com/pipermail/security-announce/2011/000118.html"
          },
          {
            "name": "8090",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASON",
              "x_transferred"
            ],
            "url": "http://securityreason.com/securityalert/8090"
          },
          {
            "name": "70837",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/70837"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/security/advisories/VMSA-2011-0002.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.cisco.com/en/US/docs/switches/datacenter/nexus1000/sw/4_0_4_s_v_1_3_c/release/notes/n1000v_rn.html"
          },
          {
            "name": "ADV-2011-0315",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0315"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-02-07T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Cisco Nexus 1000V Virtual Ethernet Module (VEM) 4.0(4) SV1(1) through SV1(3b), as used in VMware ESX 4.0 and 4.1 and ESXi 4.0 and 4.1, does not properly handle dropped packets, which allows guest OS users to cause a denial of service (ESX or ESXi host OS crash) by sending an 802.1Q tagged packet over an access vEthernet port, aka Cisco Bug ID CSCtj17451."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-10T18:57:01",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "43084",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43084"
        },
        {
          "name": "20110208 VMSA-2011-0002 Cisco Nexus 1000V VEM updates address denial of service in VMware ESX/ESXi",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/516259/100/0/threaded"
        },
        {
          "name": "cisco-nexus-packets-dos(65217)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65217"
        },
        {
          "name": "1025030",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1025030"
        },
        {
          "name": "ADV-2011-0314",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0314"
        },
        {
          "name": "46247",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/46247"
        },
        {
          "name": "[security-announce] 20110207 VMSA-2011-0002 Cisco Nexus 1000V VEM updates address denial of service in VMware ESX/ESXi",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://lists.vmware.com/pipermail/security-announce/2011/000118.html"
        },
        {
          "name": "8090",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASON"
          ],
          "url": "http://securityreason.com/securityalert/8090"
        },
        {
          "name": "70837",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/70837"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/security/advisories/VMSA-2011-0002.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.cisco.com/en/US/docs/switches/datacenter/nexus1000/sw/4_0_4_s_v_1_3_c/release/notes/n1000v_rn.html"
        },
        {
          "name": "ADV-2011-0315",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0315"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2011-0355",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cisco Nexus 1000V Virtual Ethernet Module (VEM) 4.0(4) SV1(1) through SV1(3b), as used in VMware ESX 4.0 and 4.1 and ESXi 4.0 and 4.1, does not properly handle dropped packets, which allows guest OS users to cause a denial of service (ESX or ESXi host OS crash) by sending an 802.1Q tagged packet over an access vEthernet port, aka Cisco Bug ID CSCtj17451."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "43084",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/43084"
            },
            {
              "name": "20110208 VMSA-2011-0002 Cisco Nexus 1000V VEM updates address denial of service in VMware ESX/ESXi",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/516259/100/0/threaded"
            },
            {
              "name": "cisco-nexus-packets-dos(65217)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65217"
            },
            {
              "name": "1025030",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1025030"
            },
            {
              "name": "ADV-2011-0314",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0314"
            },
            {
              "name": "46247",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/46247"
            },
            {
              "name": "[security-announce] 20110207 VMSA-2011-0002 Cisco Nexus 1000V VEM updates address denial of service in VMware ESX/ESXi",
              "refsource": "MLIST",
              "url": "http://lists.vmware.com/pipermail/security-announce/2011/000118.html"
            },
            {
              "name": "8090",
              "refsource": "SREASON",
              "url": "http://securityreason.com/securityalert/8090"
            },
            {
              "name": "70837",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/70837"
            },
            {
              "name": "http://www.vmware.com/security/advisories/VMSA-2011-0002.html",
              "refsource": "CONFIRM",
              "url": "http://www.vmware.com/security/advisories/VMSA-2011-0002.html"
            },
            {
              "name": "http://www.cisco.com/en/US/docs/switches/datacenter/nexus1000/sw/4_0_4_s_v_1_3_c/release/notes/n1000v_rn.html",
              "refsource": "CONFIRM",
              "url": "http://www.cisco.com/en/US/docs/switches/datacenter/nexus1000/sw/4_0_4_s_v_1_3_c/release/notes/n1000v_rn.html"
            },
            {
              "name": "ADV-2011-0315",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0315"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2011-0355",
    "datePublished": "2011-02-17T17:00:00",
    "dateReserved": "2011-01-07T00:00:00",
    "dateUpdated": "2024-08-06T21:51:08.255Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Search criteria

3 vulnerabilities found for 1000v_virtual_ethernet_module_\(vem\) by cisco

FKIE_CVE-2011-0355

CVE-2011-0355 (GCVE-0-2011-0355)

CVE-2011-0355 (GCVE-0-2011-0355)