Executive Summary

Summary
Title Cisco Nexus 1000V VEM updates address denial of service in VMware ESX/ESXi
Informations
Name VMSA-2011-0002 First vendor Publication 2011-02-07
Vendor VMware Last vendor Modification 2011-02-07
Severity (Vendor) N/A Revision N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:C)
Cvss Base Score 7.8 Attack Range Network
Cvss Impact Score 6.9 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

a. Cisco Nexus 1000V Virtual Ethernet Module denial of service

The Cisco Nexus 1000V Virtual Ethernet Module (VEM) is a virtual switch for ESX and ESXi. This switch can be added to ESX and ESXi where it replaces the VMware virtual switch and runs as part of the ESX and ESXi kernel.

A flaw in the handling of dropped packets by Cisco Nexus 1000V VEM can cause ESX and ESXi to crash.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2011-0355 to the issue.

The issue is addressed by Cisco in the following releases: - Cisco Nexus 1000V Virtual Ethernet Module Release 4.2(4) SV1(4) - Cisco Nexus 1000V Virtual Ethernet Module Release 4.0(4) SV1(3c) For details refer to the release notes of these releases (see section 4 for links).

VMware customers are only affected by this vulnerability if they have chosen to deploy the Cisco Nexus 1000V virtual switch as a replacement for the VMware vNetwork Standard Switch or the VMware vNetwork Distributed Switch.

VMware has confirmed that the VMware vNetwork Standard Switch and the VMware vNetwork Distributed Switch are not affected by the vulnerability.

The issue is documented by Cisco in Cisco bug ID CSCtj17451 (see section 5 for a link).

Original Source

Url : http://www.vmware.com/security/advisories/VMSA-2011-0002.html

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-399 Resource Management Errors

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 5
Application 2
Application 2

Open Source Vulnerability Database (OSVDB)

Id Description
70837 Cisco Nexus 1000V Virtual Switch 802.1Q Tagged Packet Remote DoS

Cisco Nexus 1000V contains a flaw that may allow a remote denial of service. The issue is triggered when an error occurs when processing 802.1Q tagged packets, which may be exploited by a remote attacker by having a virtual machine send a packet on an vEthernet port to cause a denial of service.

Information Assurance Vulnerability Management (IAVM)

Date Description
2011-03-10 IAVM : 2011-B-0031 - Cisco Nexus 1000V Virtual Ethernet Module (VEM) Denial of Service Vulnerability
Severity : Category I - VMSKEY : V0026089

Nessus® Vulnerability Scanner

Date Description
2013-08-13 Name : The remote device is missing a vendor-supplied security update.
File : cisco-CSCtj17451-nxos.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
Date Informations
2013-11-11 12:41:39
  • Multiple Updates