CVE-2011-0355

Cisco Nexus 1000V Virtual Ethernet Module 4.0(4) SV1(1)-SV1(3b) - Denial of Service via 802.1Q Tagged Packet

Title source: llm
STIX 2.1

Description

Cisco Nexus 1000V Virtual Ethernet Module (VEM) 4.0(4) SV1(1) through SV1(3b), as used in VMware ESX 4.0 and 4.1 and ESXi 4.0 and 4.1, does not properly handle dropped packets, which allows guest OS users to cause a denial of service (ESX or ESXi host OS crash) by sending an 802.1Q tagged packet over an access vEthernet port, aka Cisco Bug ID CSCtj17451.

References (12)

Core 12
Core References
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/43084
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/516259/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/65217
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1025030
Vendor Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2011/0314
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/46247
Various Sources mailing-list x_refsource_mlist
http://lists.vmware.com/pipermail/security-announce/2011/000118.html
Third Party Advisory third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/8090
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/70837
Vendor Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2011/0315

Scores

EPSS 0.0133
EPSS Percentile 80.2%

Details

CWE
CWE-399
Status published
Products (5)
cisco/1000v_virtual_ethernet_module_\(vem\) 4.0\(4\) sv1\(1\) (5 CPE variants)
vmware/esx 4.0
vmware/esx 4.1
vmware/esxi 4.0
vmware/esxi 4.1
Published Feb 17, 2011
Tracked Since Feb 18, 2026