var-201102-0213
Vulnerability from variot
Cisco Nexus 1000V Virtual Ethernet Module (VEM) 4.0(4) SV1(1) through SV1(3b), as used in VMware ESX 4.0 and 4.1 and ESXi 4.0 and 4.1, does not properly handle dropped packets, which allows guest OS users to cause a denial of service (ESX or ESXi host OS crash) by sending an 802.1Q tagged packet over an access vEthernet port, aka Cisco Bug ID CSCtj17451. The Cisco Nexus 1000V VEM is prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause the affected application to crash, resulting in a denial-of-service condition. The following Cisco products are vulnerable: Cisco Nexus 1000V Virtual Ethernet Module Release 4.0(4) SV1(3b) Cisco Nexus 1000V Virtual Ethernet Module Release 4.0(4) SV1(3a) Cisco Nexus 1000V Virtual Ethernet Module Release 4.0(4) SV1(3) Cisco Nexus 1000V Virtual Ethernet Module Release 4.0(4) SV1(2) Cisco Nexus 1000V Virtual Ethernet Module Release 4.0(4) SV1(1) The following VMware products are vulnerable: ESXi 4.1 ESXi 4.0 ESX 4.1 ESX 4.0. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
VMware Security Advisory
Advisory ID: VMSA-2011-0002 Synopsis: Cisco Nexus 1000V VEM updates address denial of service in VMware ESX/ESXi Issue date: 2011-02-07 Updated on: 2011-02-07 (initial release of advisory) CVE numbers: CVE-2011-0355
- Summary
Updated versions of the Cisco Nexus 1000V virtual switch address a denial of service in VMware ESX/ESXi.
- Problem Description
a. This switch can be added to ESX and ESXi where it replaces the VMware virtual switch and runs as part of the ESX and ESXi kernel.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2011-0355 to the issue.
VMware customers are only affected by this vulnerability if they
have chosen to deploy the Cisco Nexus 1000V virtual switch as a
replacement for the VMware vNetwork Standard Switch or the VMware
vNetwork Distributed Switch.
VMware has confirmed that the VMware vNetwork Standard Switch and
the VMware vNetwork Distributed Switch are not affected by the
vulnerability.
The issue is documented by Cisco in Cisco bug ID CSCtj17451 (see
section 5 for a link).
- References
CVE numbers http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0355
Cisco bug ID CSCtj17451 (registered Cisco customers only)
http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fe tchBugDetails&bugId=CSCtj17451
- Contact
E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
This Security Advisory is posted to the following lists:
- security-announce at lists.vmware.com
- bugtraq at securityfocus.com
- full-disclosure at lists.grok.org.uk
E-mail: security at vmware.com PGP key at: http://kb.vmware.com/kb/1055
VMware Security Advisories http://www.vmware.com/security/advisories
VMware security response policy http://www.vmware.com/support/policies/security_response.html
General support life cycle policy http://www.vmware.com/support/policies/eos.html
VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html
Copyright 2011 VMware Inc. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.8.3 (Build 4028) Charset: utf-8
wj8DBQFNUNTIS2KysvBH1xkRAk1hAJ9iH1j58lM5KrwVaRYccSN3rWaw/wCePyLP FHYGA7W1DEcKcOFWj7GkuHE= =srWD -----END PGP SIGNATURE-----
Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . ----------------------------------------------------------------------
Get a tax break on purchases of Secunia Solutions!
If you are a U.S. company, you may be qualified for a tax break for your software purchases. Learn more at: http://secunia.com/products/corporate/vim/section_179/
TITLE: Cisco Nexus 1000V Virtual Switch 802.1Q Tagged Packet Denial of Service
SECUNIA ADVISORY ID: SA43084
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43084/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43084
RELEASE DATE: 2011-02-09
DISCUSS ADVISORY: http://secunia.com/advisories/43084/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/43084/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=43084
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: A vulnerability has been reported in Cisco Nexus 1000V, which can be exploited by malicious people to cause a DoS (Denial of Service).
The vulnerability is caused due to an error when processing 802.1Q tagged packets. This can be exploited to cause a crash when a virtual machine sends a packet on a vEthernet port.
PROVIDED AND/OR DISCOVERED BY: Reported by the vendor.
ORIGINAL ADVISORY: Cisco (CSCtj17451): http://www.cisco.com/en/US/docs/switches/datacenter/nexus1000/sw/4_0_4_s_v_1_3_c/release/notes/n1000v_rn.html
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201102-0213",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "esxi",
"scope": "eq",
"trust": 2.1,
"vendor": "vmware",
"version": "4.1"
},
{
"model": "esxi",
"scope": "eq",
"trust": 2.1,
"vendor": "vmware",
"version": "4.0"
},
{
"model": "esx",
"scope": "eq",
"trust": 2.1,
"vendor": "vmware",
"version": "4.1"
},
{
"model": "esx",
"scope": "eq",
"trust": 2.1,
"vendor": "vmware",
"version": "4.0"
},
{
"model": "1000v virtual ethernet module \\",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "4.0\\(4\\)"
},
{
"model": "nexus virtual ethernet module sv1",
"scope": "eq",
"trust": 1.5,
"vendor": "cisco",
"version": "1000v4.0(4)"
},
{
"model": "nexus 1000v virtual ethernet module",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "4.0(4) sv1(1) to sv1(3b)"
},
{
"model": "nexus virtual ethernet module sv1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1000v4.2(1)"
},
{
"model": "nexus virtual ethernet module sv1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1000v4.0(4)"
}
],
"sources": [
{
"db": "BID",
"id": "46247"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-003070"
},
{
"db": "NVD",
"id": "CVE-2011-0355"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-264"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:cisco:1000v_virtual_ethernet_module_\\(vem\\):4.0\\(4\\):sv1\\(3\\):*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:1000v_virtual_ethernet_module_\\(vem\\):4.0\\(4\\):sv1\\(3b\\):*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:1000v_virtual_ethernet_module_\\(vem\\):4.0\\(4\\):sv1\\(1\\):*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:1000v_virtual_ethernet_module_\\(vem\\):4.0\\(4\\):sv1\\(2\\):*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:1000v_virtual_ethernet_module_\\(vem\\):4.0\\(4\\):sv1\\(3a\\):*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:vmware:esxi:4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:vmware:esxi:4.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:vmware:esx:4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:vmware:esx:4.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2011-0355"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "46247"
}
],
"trust": 0.3
},
"cve": "CVE-2011-0355",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.8,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2011-0355",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-48300",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2011-0355",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201102-264",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-48300",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48300"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-003070"
},
{
"db": "NVD",
"id": "CVE-2011-0355"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-264"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Nexus 1000V Virtual Ethernet Module (VEM) 4.0(4) SV1(1) through SV1(3b), as used in VMware ESX 4.0 and 4.1 and ESXi 4.0 and 4.1, does not properly handle dropped packets, which allows guest OS users to cause a denial of service (ESX or ESXi host OS crash) by sending an 802.1Q tagged packet over an access vEthernet port, aka Cisco Bug ID CSCtj17451. The Cisco Nexus 1000V VEM is prone to a denial-of-service vulnerability. \nAn attacker can exploit this issue to cause the affected application to crash, resulting in a denial-of-service condition. \nThe following Cisco products are vulnerable:\nCisco Nexus 1000V Virtual Ethernet Module Release 4.0(4) SV1(3b)\nCisco Nexus 1000V Virtual Ethernet Module Release 4.0(4) SV1(3a)\nCisco Nexus 1000V Virtual Ethernet Module Release 4.0(4) SV1(3)\nCisco Nexus 1000V Virtual Ethernet Module Release 4.0(4) SV1(2)\nCisco Nexus 1000V Virtual Ethernet Module Release 4.0(4) SV1(1)\nThe following VMware products are vulnerable:\nESXi 4.1\nESXi 4.0\nESX 4.1\nESX 4.0. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n- ------------------------------------------------------------------------\n VMware Security Advisory\n\nAdvisory ID: VMSA-2011-0002\nSynopsis: Cisco Nexus 1000V VEM updates address denial of\n service in VMware ESX/ESXi\nIssue date: 2011-02-07\nUpdated on: 2011-02-07 (initial release of advisory)\nCVE numbers: CVE-2011-0355\n- ------------------------------------------------------------------------\n\n1. Summary\n\n Updated versions of the Cisco Nexus 1000V virtual switch address a\ndenial\n of service in VMware ESX/ESXi. \n\n2. Problem Description\n\n a. This switch can be added to ESX and ESXi\n where it replaces the VMware virtual switch and runs as part of the\n ESX and ESXi kernel. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the name CVE-2011-0355 to the issue. \n \n VMware customers are only affected by this vulnerability if they\n have chosen to deploy the Cisco Nexus 1000V virtual switch as a\n replacement for the VMware vNetwork Standard Switch or the VMware\n vNetwork Distributed Switch. \n\n VMware has confirmed that the VMware vNetwork Standard Switch and\n the VMware vNetwork Distributed Switch are not affected by the\n vulnerability. \n\n The issue is documented by Cisco in Cisco bug ID CSCtj17451 (see\n section 5 for a link). \n\n4. References\n\n CVE numbers\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0355\n\n Cisco bug ID CSCtj17451 (registered Cisco customers only)\n \nhttp://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fe\ntchBugDetails\u0026bugId=CSCtj17451\n\n- ------------------------------------------------------------------------\n\n6. \n\n- -----------------------------------------------------------------------\n7. Contact\n\nE-mail list for product security notifications and announcements:\nhttp://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\nThis Security Advisory is posted to the following lists:\n\n * security-announce at lists.vmware.com\n * bugtraq at securityfocus.com\n * full-disclosure at lists.grok.org.uk\n\nE-mail: security at vmware.com\nPGP key at: http://kb.vmware.com/kb/1055\n\nVMware Security Advisories\nhttp://www.vmware.com/security/advisories\n\nVMware security response policy\nhttp://www.vmware.com/support/policies/security_response.html\n\nGeneral support life cycle policy\nhttp://www.vmware.com/support/policies/eos.html\n\nVMware Infrastructure support life cycle policy\nhttp://www.vmware.com/support/policies/eos_vi.html\n\nCopyright 2011 VMware Inc. All rights reserved. \n\n-----BEGIN PGP SIGNATURE-----\nVersion: PGP Desktop 9.8.3 (Build 4028)\nCharset: utf-8\n\nwj8DBQFNUNTIS2KysvBH1xkRAk1hAJ9iH1j58lM5KrwVaRYccSN3rWaw/wCePyLP\nFHYGA7W1DEcKcOFWj7GkuHE=\n=srWD\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. ----------------------------------------------------------------------\n\n\nGet a tax break on purchases of Secunia Solutions!\n\nIf you are a U.S. company, you may be qualified for a tax break for your software purchases. Learn more at:\nhttp://secunia.com/products/corporate/vim/section_179/\n\n\n----------------------------------------------------------------------\n\nTITLE:\nCisco Nexus 1000V Virtual Switch 802.1Q Tagged Packet Denial of\nService\n\nSECUNIA ADVISORY ID:\nSA43084\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/43084/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43084\n\nRELEASE DATE:\n2011-02-09\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/43084/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/43084/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43084\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nA vulnerability has been reported in Cisco Nexus 1000V, which can be\nexploited by malicious people to cause a DoS (Denial of Service). \n\nThe vulnerability is caused due to an error when processing 802.1Q\ntagged packets. This can be exploited to cause a crash when a virtual\nmachine sends a packet on a vEthernet port. \n\nPROVIDED AND/OR DISCOVERED BY:\nReported by the vendor. \n\nORIGINAL ADVISORY:\nCisco (CSCtj17451):\nhttp://www.cisco.com/en/US/docs/switches/datacenter/nexus1000/sw/4_0_4_s_v_1_3_c/release/notes/n1000v_rn.html\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2011-0355"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-003070"
},
{
"db": "BID",
"id": "46247"
},
{
"db": "VULHUB",
"id": "VHN-48300"
},
{
"db": "PACKETSTORM",
"id": "98254"
},
{
"db": "PACKETSTORM",
"id": "98315"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2011-0355",
"trust": 2.9
},
{
"db": "BID",
"id": "46247",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "43084",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2011-0314",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2011-0315",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1025030",
"trust": 1.7
},
{
"db": "OSVDB",
"id": "70837",
"trust": 1.7
},
{
"db": "SREASON",
"id": "8090",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2011-003070",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201102-264",
"trust": 0.7
},
{
"db": "BUGTRAQ",
"id": "20110208 VMSA-2011-0002 CISCO NEXUS 1000V VEM UPDATES ADDRESS DENIAL OF SERVICE IN VMWARE ESX/ESXI",
"trust": 0.6
},
{
"db": "MLIST",
"id": "[SECURITY-ANNOUNCE] 20110207 VMSA-2011-0002 CISCO NEXUS 1000V VEM UPDATES ADDRESS DENIAL OF SERVICE IN VMWARE ESX/ESXI",
"trust": 0.6
},
{
"db": "XF",
"id": "65217",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "98254",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-48300",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "98315",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48300"
},
{
"db": "BID",
"id": "46247"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-003070"
},
{
"db": "PACKETSTORM",
"id": "98254"
},
{
"db": "PACKETSTORM",
"id": "98315"
},
{
"db": "NVD",
"id": "CVE-2011-0355"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-264"
}
]
},
"id": "VAR-201102-0213",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-48300"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T14:02:13.840000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "22395",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=22395"
},
{
"title": "Cisco Nexus 1000V Release Notes, Release 4.0(4) SV1(3c)",
"trust": 0.8,
"url": "http://www.cisco.com/en/us/docs/switches/datacenter/nexus1000/sw/4_0_4_s_v_1_3_c/release/notes/n1000v_rn.html"
},
{
"title": "Cisco Nexus1000V Release Notes, Release 4.2(1) SV1(4)",
"trust": 0.8,
"url": "http://www.cisco.com/en/us/docs/switches/datacenter/nexus1000/sw/4_2_1_s_v_1_4/release/notes/n1000v_rn.html"
},
{
"title": "VMSA-2011-0002",
"trust": 0.8,
"url": "http://www.vmware.com/security/advisories/vmsa-2011-0002.html"
},
{
"title": "Security-announce VMSA-2011-0002",
"trust": 0.8,
"url": "http://lists.vmware.com/pipermail/security-announce/2011/000118.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-003070"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-399",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48300"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-003070"
},
{
"db": "NVD",
"id": "CVE-2011-0355"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.1,
"url": "http://www.cisco.com/en/us/docs/switches/datacenter/nexus1000/sw/4_0_4_s_v_1_3_c/release/notes/n1000v_rn.html"
},
{
"trust": 2.0,
"url": "http://www.vmware.com/security/advisories/vmsa-2011-0002.html"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/46247"
},
{
"trust": 1.7,
"url": "http://lists.vmware.com/pipermail/security-announce/2011/000118.html"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/70837"
},
{
"trust": 1.7,
"url": "http://securitytracker.com/id?1025030"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/43084"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2011/0314"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2011/0315"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/516259/100/0/threaded"
},
{
"trust": 1.1,
"url": "http://securityreason.com/securityalert/8090"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65217"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-0355"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-0355"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/65217"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/516259/100/0/threaded"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/en/us/products/ps9902/index.html"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/en/us/docs/switches/datacenter/nexus1000/sw/4_2_1_s_v_1_4/release/notes/n1000v_rn.html"
},
{
"trust": 0.1,
"url": "http://www.cisco.com/en/us/docs/switches/datacenter/nexus1000/sw/4_0_4_s_v_"
},
{
"trust": 0.1,
"url": "http://secunia.com/"
},
{
"trust": 0.1,
"url": "http://www.cisco.com/en/us/docs/switches/datacenter/nexus1000/sw/4_2_1_s_v_"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/security_response.html"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1055"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0355"
},
{
"trust": 0.1,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.1,
"url": "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/support/bugtoolkit/search/getbugdetails.do?method=fe"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos_vi.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/security/advisories"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43084/"
},
{
"trust": 0.1,
"url": "http://secunia.com/products/corporate/evm/"
},
{
"trust": 0.1,
"url": "http://secunia.com/products/corporate/vim/section_179/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43084"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43084/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48300"
},
{
"db": "BID",
"id": "46247"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-003070"
},
{
"db": "PACKETSTORM",
"id": "98254"
},
{
"db": "PACKETSTORM",
"id": "98315"
},
{
"db": "NVD",
"id": "CVE-2011-0355"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-264"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-48300"
},
{
"db": "BID",
"id": "46247"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-003070"
},
{
"db": "PACKETSTORM",
"id": "98254"
},
{
"db": "PACKETSTORM",
"id": "98315"
},
{
"db": "NVD",
"id": "CVE-2011-0355"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-264"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-02-17T00:00:00",
"db": "VULHUB",
"id": "VHN-48300"
},
{
"date": "2011-02-07T00:00:00",
"db": "BID",
"id": "46247"
},
{
"date": "2011-11-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-003070"
},
{
"date": "2011-02-08T19:42:02",
"db": "PACKETSTORM",
"id": "98254"
},
{
"date": "2011-02-09T03:29:48",
"db": "PACKETSTORM",
"id": "98315"
},
{
"date": "2011-02-17T18:00:03.557000",
"db": "NVD",
"id": "CVE-2011-0355"
},
{
"date": "2011-02-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201102-264"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-10T00:00:00",
"db": "VULHUB",
"id": "VHN-48300"
},
{
"date": "2011-02-07T00:00:00",
"db": "BID",
"id": "46247"
},
{
"date": "2011-11-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-003070"
},
{
"date": "2018-10-10T20:09:44.983000",
"db": "NVD",
"id": "CVE-2011-0355"
},
{
"date": "2011-02-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201102-264"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201102-264"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Nexus 1000V Virtual Ethernet Module Service disruption in (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-003070"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201102-264"
}
],
"trust": 0.6
}
}
Loading...
Loading...
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.