CVE-2010-3609

The extension parser in slp_v2message.c in OpenSLP 1.2.1, and other versions before SVN revision 1647, as used in Service Location Protocol daemon (SLPD) in VMware ESX 4.0 and 4.1 and ESXi 4.0 and 4.1, allows remote attackers to cause a denial of service (infinite loop) via a packet with a "next extension offset" that references this extension or a previous extension. NOTE: some of these details are obtained from third party information.

CVSS v2.0 5.0 MEDIUM

5.0^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References

Link	Resource
http://www.securityfocus.com/bid/46772
http://secunia.com/advisories/43601	Vendor Advisory
http://lists.vmware.com/pipermail/security-announce/2011/000126.html
http://securitytracker.com/id?1025168
http://www.vupen.com/english/advisories/2011/0606	Vendor Advisory
http://www.vmware.com/security/advisories/VMSA-2011-0004.html	Vendor Advisory
http://www.osvdb.org/71019
http://www.vupen.com/english/advisories/2011/0729	Vendor Advisory
http://secunia.com/advisories/43742	Vendor Advisory
http://www.kb.cert.org/vuls/id/393783	US Government Resource
http://securityreason.com/securityalert/8127
http://www.mandriva.com/security/advisories?name=MDVSA-2012:141
http://www.mandriva.com/security/advisories?name=MDVSA-2013:111
https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0227
https://security.gentoo.org/glsa/201707-05
https://exchange.xforce.ibmcloud.com/vulnerabilities/65931
http://www.securityfocus.com/archive/1/516909/100/0/threaded

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:vmware:esxi:4.0:::::::*
	cpe:2.3:a:openslp:openslp:1.2.1:::::::*
	cpe:2.3:a:vmware:esx:4.0:::::::*
	cpe:2.3:a:vmware:esx:4.1:::::::*
	cpe:2.3:a:vmware:esxi:4.1:::::::*

Information

Published : 2011-03-11 09:55

Updated : 2018-10-10 13:04

NVD link : CVE-2010-3609

Mitre link : CVE-2010-3609

JSON object : View

CWE

NVD-CWE-noinfo

Products Affected

vmware

esx
esxi

openslp

openslp

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.securityfocus.com/bid/46772", "name": "46772", "tags": [], "refsource": "BID"}, {"url": "http://secunia.com/advisories/43601", "name": "43601", "tags": ["Vendor Advisory"], "refsource": "SECUNIA"}, {"url": "http://lists.vmware.com/pipermail/security-announce/2011/000126.html", "name": "[security-announce] 20110307 VMSA-2011-0004 VMware ESX/ESXi SLPD denial of service vulnerability and ESX third party updates for Service Console packages bind, pam, and rpm", "tags": [], "refsource": "MLIST"}, {"url": "http://securitytracker.com/id?1025168", "name": "1025168", "tags": [], "refsource": "SECTRACK"}, {"url": "http://www.vupen.com/english/advisories/2011/0606", "name": "ADV-2011-0606", "tags": ["Vendor Advisory"], "refsource": "VUPEN"}, {"url": "http://www.vmware.com/security/advisories/VMSA-2011-0004.html", "name": "http://www.vmware.com/security/advisories/VMSA-2011-0004.html", "tags": ["Vendor Advisory"], "refsource": "CONFIRM"}, {"url": "http://www.osvdb.org/71019", "name": "71019", "tags": [], "refsource": "OSVDB"}, {"url": "http://www.vupen.com/english/advisories/2011/0729", "name": "ADV-2011-0729", "tags": ["Vendor Advisory"], "refsource": "VUPEN"}, {"url": "http://secunia.com/advisories/43742", "name": "43742", "tags": ["Vendor Advisory"], "refsource": "SECUNIA"}, {"url": "http://www.kb.cert.org/vuls/id/393783", "name": "VU#393783", "tags": ["US Government Resource"], "refsource": "CERT-VN"}, {"url": "http://securityreason.com/securityalert/8127", "name": "8127", "tags": [], "refsource": "SREASON"}, {"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:141", "name": "MDVSA-2012:141", "tags": [], "refsource": "MANDRIVA"}, {"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:111", "name": "MDVSA-2013:111", "tags": [], "refsource": "MANDRIVA"}, {"url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0227", "name": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0227", "tags": [], "refsource": "CONFIRM"}, {"url": "https://security.gentoo.org/glsa/201707-05", "name": "GLSA-201707-05", "tags": [], "refsource": "GENTOO"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65931", "name": "vmware-esxserver-slpd-dos(65931)", "tags": [], "refsource": "XF"}, {"url": "http://www.securityfocus.com/archive/1/516909/100/0/threaded", "name": "20110308 VMSA-2011-0004 VMware ESX/ESXi SLPD denial of service vulnerability and ESX third party updates for Service Console packages bind, pam, and rpm.", "tags": [], "refsource": "BUGTRAQ"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "The extension parser in slp_v2message.c in OpenSLP 1.2.1, and other versions before SVN revision 1647, as used in Service Location Protocol daemon (SLPD) in VMware ESX 4.0 and 4.1 and ESXi 4.0 and 4.1, allows remote attackers to cause a denial of service (infinite loop) via a packet with a \"next extension offset\" that references this extension or a previous extension. NOTE: some of these details are obtained from third party information."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2010-3609", "ASSIGNER": "cert@cert.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "severity": "MEDIUM", "impactScore": 2.9, "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2011-03-11T17:55Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:vmware:esxi:4.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openslp:openslp:1.2.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:vmware:esx:4.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:vmware:esx:4.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:vmware:esxi:4.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2018-10-10T20:04Z"}

5.0 /10