CVE-2011-0355
First published: Thu Feb 17 2011(Updated: )
Cisco Nexus 1000V Virtual Ethernet Module (VEM) 4.0(4) SV1(1) through SV1(3b), as used in VMware ESX 4.0 and 4.1 and ESXi 4.0 and 4.1, does not properly handle dropped packets, which allows guest OS users to cause a denial of service (ESX or ESXi host OS crash) by sending an 802.1Q tagged packet over an access vEthernet port, aka Cisco Bug ID CSCtj17451.
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco 1000v Virtual Ethernet Module \(vem\) | =4.0\(4\)-sv1\(1\) | |
| Cisco 1000v Virtual Ethernet Module \(vem\) | =4.0\(4\)-sv1\(2\) | |
| Cisco 1000v Virtual Ethernet Module \(vem\) | =4.0\(4\)-sv1\(3\) | |
| Cisco 1000v Virtual Ethernet Module \(vem\) | =4.0\(4\)-sv1\(3a\) | |
| Cisco 1000v Virtual Ethernet Module \(vem\) | =4.0\(4\)-sv1\(3b\) | |
| VMware ESX | =4.0 | |
| VMware ESX | =4.1 | |
| VMware ESXi | =4.0 | |
| VMware ESXi | =4.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.vmware.com/security/advisories/VMSA-2011-0002.html
- http://lists.vmware.com/pipermail/security-announce/2011/000118.html
- http://www.osvdb.org/70837
- http://secunia.com/advisories/43084
- http://securitytracker.com/id?1025030
- http://www.vupen.com/english/advisories/2011/0314
- http://www.vupen.com/english/advisories/2011/0315
- http://www.cisco.com/en/US/docs/switches/datacenter/nexus1000/sw/4_0_4_s_v_1_3_c/release/notes/n1000v_rn.html
- http://www.securityfocus.com/bid/46247
- http://securityreason.com/securityalert/8090
- https://exchange.xforce.ibmcloud.com/vulnerabilities/65217
- http://www.securityfocus.com/archive/1/516259/100/0/threaded
- collector/nvd-historical
- collector/nvd-index
- agent/references
- agent/weakness
- agent/severity
- agent/author
- agent/type
- agent/event
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/description
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/cisco
- canonical/cisco 1000v virtual ethernet module \(vem\)
- version/cisco 1000v virtual ethernet module \(vem\)/4.0\(4\)-sv1\(1\)
- version/cisco 1000v virtual ethernet module \(vem\)/4.0\(4\)-sv1\(2\)
- version/cisco 1000v virtual ethernet module \(vem\)/4.0\(4\)-sv1\(3\)
- version/cisco 1000v virtual ethernet module \(vem\)/4.0\(4\)-sv1\(3a\)
- version/cisco 1000v virtual ethernet module \(vem\)/4.0\(4\)-sv1\(3b\)
- vendor/vmware
- canonical/vmware esx
- version/vmware esx/4.0
- version/vmware esx/4.1
- canonical/vmware esxi
- version/vmware esxi/4.0
- version/vmware esxi/4.1