CVE-2011-0355
First published: Thu Feb 17 2011(Updated: )
Cisco Nexus 1000V Virtual Ethernet Module (VEM) 4.0(4) SV1(1) through SV1(3b), as used in VMware ESX 4.0 and 4.1 and ESXi 4.0 and 4.1, does not properly handle dropped packets, which allows guest OS users to cause a denial of service (ESX or ESXi host OS crash) by sending an 802.1Q tagged packet over an access vEthernet port, aka Cisco Bug ID CSCtj17451.
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco 1000v Virtual Ethernet Module (vem) | =4.0\(4\)-sv1\(1\) | |
| Cisco 1000v Virtual Ethernet Module (vem) | =4.0\(4\)-sv1\(2\) | |
| Cisco 1000v Virtual Ethernet Module (vem) | =4.0\(4\)-sv1\(3\) | |
| Cisco 1000v Virtual Ethernet Module (vem) | =4.0\(4\)-sv1\(3a\) | |
| Cisco 1000v Virtual Ethernet Module (vem) | =4.0\(4\)-sv1\(3b\) | |
| VMware ESX | =4.0 | |
| VMware ESX | =4.1 | |
| VMware ESXi | =4.0 | |
| VMware ESXi | =4.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.vmware.com/security/advisories/VMSA-2011-0002.html
- http://lists.vmware.com/pipermail/security-announce/2011/000118.html
- http://www.osvdb.org/70837
- http://secunia.com/advisories/43084
- http://securitytracker.com/id?1025030
- http://www.vupen.com/english/advisories/2011/0314
- http://www.vupen.com/english/advisories/2011/0315
- http://www.cisco.com/en/US/docs/switches/datacenter/nexus1000/sw/4_0_4_s_v_1_3_c/release/notes/n1000v_rn.html
- http://www.securityfocus.com/bid/46247
- http://securityreason.com/securityalert/8090
- https://exchange.xforce.ibmcloud.com/vulnerabilities/65217
- http://www.securityfocus.com/archive/1/516259/100/0/threaded
Frequently Asked Questions
What is the severity of CVE-2011-0355?
CVE-2011-0355 has a medium severity level due to its potential to cause denial of service.
How do I fix CVE-2011-0355?
To mitigate CVE-2011-0355, it is recommended to upgrade to the latest version of the Cisco Nexus 1000V Virtual Ethernet Module or apply any available patches.
Which versions are affected by CVE-2011-0355?
CVE-2011-0355 affects Cisco Nexus 1000V VEM versions 4.0(4) SV1(1) through SV1(3b) and VMware ESX and ESXi versions 4.0 and 4.1.
Can CVE-2011-0355 lead to complete system compromise?
CVE-2011-0355 does not lead to complete system compromise but can cause a denial of service that crashes the host OS.
Is there a workaround for CVE-2011-0355 if patching is not possible?
If patching is not possible for CVE-2011-0355, a temporary workaround is to minimize the use of tagged packets until a fix can be applied.
- collector/nvd-historical
- agent/references
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/author
- agent/severity
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/description
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/cisco
- canonical/cisco 1000v virtual ethernet module (vem)
- version/cisco 1000v virtual ethernet module (vem)/4.0\(4\)-sv1\(1\)
- version/cisco 1000v virtual ethernet module (vem)/4.0\(4\)-sv1\(2\)
- version/cisco 1000v virtual ethernet module (vem)/4.0\(4\)-sv1\(3\)
- version/cisco 1000v virtual ethernet module (vem)/4.0\(4\)-sv1\(3a\)
- version/cisco 1000v virtual ethernet module (vem)/4.0\(4\)-sv1\(3b\)
- vendor/vmware
- canonical/vmware esx
- version/vmware esx/4.0
- version/vmware esx/4.1
- canonical/vmware esxi
- version/vmware esxi/4.0
- version/vmware esxi/4.1