Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2010-3609
Description:The extension parser in slp_v2message.c in OpenSLP 1.2.1, and other versions before SVN revision 1647, as used in Service Location Protocol daemon (SLPD) in VMware ESX 4.0 and 4.1 and ESXi 4.0 and 4.1, allows remote attackers to cause a denial of service (infinite loop) via a packet with a "next extension offset" that references this extension or a previous extension. NOTE: some of these details are obtained from third party information.
Test IDs: 1.3.6.1.4.1.25623.1.0.70824   1.3.6.1.4.1.25623.1.0.72111   1.3.6.1.4.1.25623.1.0.840637   1.3.6.1.4.1.25623.1.0.831727  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2010-3609
BugTraq ID: 46772
http://www.securityfocus.com/bid/46772
Bugtraq: 20110308 VMSA-2011-0004 VMware ESX/ESXi SLPD denial of service vulnerability and ESX third party updates for Service Console packages bind, pam, and rpm. (Google Search)
http://www.securityfocus.com/archive/1/516909/100/0/threaded
CERT/CC vulnerability note: VU#393783
http://www.kb.cert.org/vuls/id/393783
https://security.gentoo.org/glsa/201707-05
http://www.mandriva.com/security/advisories?name=MDVSA-2012:141
http://www.mandriva.com/security/advisories?name=MDVSA-2013:111
http://lists.vmware.com/pipermail/security-announce/2011/000126.html
http://www.osvdb.org/71019
http://securitytracker.com/id?1025168
http://secunia.com/advisories/43601
http://secunia.com/advisories/43742
http://securityreason.com/securityalert/8127
http://www.vupen.com/english/advisories/2011/0606
http://www.vupen.com/english/advisories/2011/0729
XForce ISS Database: vmware-esxserver-slpd-dos(65931)
https://exchange.xforce.ibmcloud.com/vulnerabilities/65931




© 1998-2024 E-Soft Inc. All rights reserved.