ID

VAR-201102-0213

CVE

CVE-2011-0355

TITLE

Cisco Nexus 1000V Virtual Ethernet Module Service disruption in (DoS) Vulnerabilities

DESCRIPTION

Cisco Nexus 1000V Virtual Ethernet Module (VEM) 4.0(4) SV1(1) through SV1(3b), as used in VMware ESX 4.0 and 4.1 and ESXi 4.0 and 4.1, does not properly handle dropped packets, which allows guest OS users to cause a denial of service (ESX or ESXi host OS crash) by sending an 802.1Q tagged packet over an access vEthernet port, aka Cisco Bug ID CSCtj17451. The Cisco Nexus 1000V VEM is prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause the affected application to crash, resulting in a denial-of-service condition. The following Cisco products are vulnerable: Cisco Nexus 1000V Virtual Ethernet Module Release 4.0(4) SV1(3b) Cisco Nexus 1000V Virtual Ethernet Module Release 4.0(4) SV1(3a) Cisco Nexus 1000V Virtual Ethernet Module Release 4.0(4) SV1(3) Cisco Nexus 1000V Virtual Ethernet Module Release 4.0(4) SV1(2) Cisco Nexus 1000V Virtual Ethernet Module Release 4.0(4) SV1(1) The following VMware products are vulnerable: ESXi 4.1 ESXi 4.0 ESX 4.1 ESX 4.0. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ VMware Security Advisory Advisory ID: VMSA-2011-0002 Synopsis: Cisco Nexus 1000V VEM updates address denial of service in VMware ESX/ESXi Issue date: 2011-02-07 Updated on: 2011-02-07 (initial release of advisory) CVE numbers: CVE-2011-0355 - ------------------------------------------------------------------------ 1. Summary Updated versions of the Cisco Nexus 1000V virtual switch address a denial of service in VMware ESX/ESXi. 2. Problem Description a. This switch can be added to ESX and ESXi where it replaces the VMware virtual switch and runs as part of the ESX and ESXi kernel. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2011-0355 to the issue. VMware customers are only affected by this vulnerability if they have chosen to deploy the Cisco Nexus 1000V virtual switch as a replacement for the VMware vNetwork Standard Switch or the VMware vNetwork Distributed Switch. VMware has confirmed that the VMware vNetwork Standard Switch and the VMware vNetwork Distributed Switch are not affected by the vulnerability. The issue is documented by Cisco in Cisco bug ID CSCtj17451 (see section 5 for a link). 4. References CVE numbers http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0355 Cisco bug ID CSCtj17451 (registered Cisco customers only) http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fe tchBugDetails&bugId=CSCtj17451 - ------------------------------------------------------------------------ 6. - ----------------------------------------------------------------------- 7. Contact E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce This Security Advisory is posted to the following lists: * security-announce at lists.vmware.com * bugtraq at securityfocus.com * full-disclosure at lists.grok.org.uk E-mail: security at vmware.com PGP key at: http://kb.vmware.com/kb/1055 VMware Security Advisories http://www.vmware.com/security/advisories VMware security response policy http://www.vmware.com/support/policies/security_response.html General support life cycle policy http://www.vmware.com/support/policies/eos.html VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html Copyright 2011 VMware Inc. All rights reserved. -----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.8.3 (Build 4028) Charset: utf-8 wj8DBQFNUNTIS2KysvBH1xkRAk1hAJ9iH1j58lM5KrwVaRYccSN3rWaw/wCePyLP FHYGA7W1DEcKcOFWj7GkuHE= =srWD -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . ---------------------------------------------------------------------- Get a tax break on purchases of Secunia Solutions! If you are a U.S. company, you may be qualified for a tax break for your software purchases. Learn more at: http://secunia.com/products/corporate/vim/section_179/ ---------------------------------------------------------------------- TITLE: Cisco Nexus 1000V Virtual Switch 802.1Q Tagged Packet Denial of Service SECUNIA ADVISORY ID: SA43084 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43084/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43084 RELEASE DATE: 2011-02-09 DISCUSS ADVISORY: http://secunia.com/advisories/43084/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43084/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43084 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Cisco Nexus 1000V, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error when processing 802.1Q tagged packets. This can be exploited to cause a crash when a virtual machine sends a packet on a vEthernet port. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: Cisco (CSCtj17451): http://www.cisco.com/en/US/docs/switches/datacenter/nexus1000/sw/4_0_4_s_v_1_3_c/release/notes/n1000v_rn.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

AFFECTED PRODUCTS

CVSS

PROBLEMTYPE DATA

THREAT TYPE

remote

TYPE

resource management error

CONFIGURATIONS

PATCH

EXTERNAL IDS

REFERENCES

CREDITS

The vendor reported this issue.

SOURCES

LAST UPDATE DATE

2024-11-23T22:31:40.511000+00:00

SOURCES UPDATE DATE

SOURCES RELEASE DATE