CVE-2010-3609

Openslp - Denial of Service

Title source: rule

Description

The extension parser in slp_v2message.c in OpenSLP 1.2.1, and other versions before SVN revision 1647, as used in Service Location Protocol daemon (SLPD) in VMware ESX 4.0 and 4.1 and ESXi 4.0 and 4.1, allows remote attackers to cause a denial of service (infinite loop) via a packet with a "next extension offset" that references this extension or a previous extension. NOTE: some of these details are obtained from third party information.

Exploits (1)

exploitdb WORKING POC

by Nicolas Gregoire · pythondosmultiple

https://www.exploit-db.com/exploits/17610

View Code ZIP pw:eip

References (17)

Core 17

Core References

US Government Resource third-party-advisory x_refsource_cert-vn

http://www.kb.cert.org/vuls/id/393783

Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb

http://www.osvdb.org/71019

Various Sources mailing-list x_refsource_mlist

http://lists.vmware.com/pipermail/security-announce/2011/000126.html

Third Party Advisory x_refsource_confirm

https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0227

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/43742

Vendor Advisory vdb-entry x_refsource_vupen

http://www.vupen.com/english/advisories/2011/0606

Vendor Advisory vendor-advisory x_refsource_mandriva

http://www.mandriva.com/security/advisories?name=MDVSA-2013:111

Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq

http://www.securityfocus.com/archive/1/516909/100/0/threaded

Third Party Advisory third-party-advisory x_refsource_sreason

http://securityreason.com/securityalert/8127

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://securitytracker.com/id?1025168

Third Party Advisory vendor-advisory x_refsource_gentoo

https://security.gentoo.org/glsa/201707-05

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/65931

Vendor Advisory vdb-entry x_refsource_vupen

http://www.vupen.com/english/advisories/2011/0729

Vendor Advisory vendor-advisory x_refsource_mandriva

http://www.mandriva.com/security/advisories?name=MDVSA-2012:141

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/46772

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/43601

Vendor Advisory x_refsource_confirm

http://www.vmware.com/security/advisories/VMSA-2011-0004.html

Scores

EPSS 0.3547

EPSS Percentile 97.1%

Details

Status published

Products (5)

openslp/openslp 1.2.1

vmware/esx 4.0

vmware/esx 4.1

vmware/esxi 4.0

vmware/esxi 4.1

Published Mar 11, 2011

Tracked Since Feb 18, 2026