CVE-2013-1210: Buffer Overflow
First published: Wed May 29 2013(Updated: )
Array index error in the Virtual Ethernet Module (VEM) kernel driver for VMware ESXi in Cisco NX-OS on the Nexus 1000V, when STUN debugging is enabled, allows remote attackers to cause a denial of service (ESXi crash and purple screen of death) by sending crafted STUN packets to a VEM, aka Bug ID CSCud14825.
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco NX-OS | ||
| Cisco Nexus 1000 Virtual Edge |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2013-1210?
CVE-2013-1210 has been classified as a medium severity vulnerability.
How do I fix CVE-2013-1210?
To mitigate CVE-2013-1210, disable STUN debugging in the Virtual Ethernet Module configurations.
What systems are affected by CVE-2013-1210?
CVE-2013-1210 affects VMware ESXi installations running on Cisco NX-OS with the Nexus 1000V.
What type of attack does CVE-2013-1210 facilitate?
CVE-2013-1210 allows remote attackers to cause a denial of service, resulting in an ESXi crash.
Can CVE-2013-1210 lead to data exposure?
CVE-2013-1210 primarily leads to system downtime and does not directly expose data.
- agent/type
- agent/last-modified-date
- agent/first-publish-date
- agent/references
- agent/weakness
- agent/severity
- agent/author
- agent/tags
- agent/description
- agent/event
- agent/softwarecombine
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/cisco
- canonical/cisco nx-os
- canonical/cisco nexus 1000 virtual edge