Secunia
Login
|
|
|
|
|
|
|
|
|
Cisco Nexus 1000V Virtual Switch 802.1Q Tagged Packet Denial of Service
Release Date: 2011-02-08 Views: 2,328
Secunia Advisory SA43084
Where:
From local network
Impact:
DoS,
Solution Status:
Vendor Patch
CVE Reference(s):
Description
A vulnerability has been reported in Cisco Nexus 1000V, which can be exploited by malicious people to cause a DoS (Denial of Service).
The vulnerability is caused due to an error when processing 802.1Q tagged packets. This can be exploited to cause a crash when a virtual machine sends a packet on a vEthernet port.
The vulnerability is reported in the following products:
* Cisco Nexus 1000V Virtual Ethernet Module Release 4.0(4) SV1(3b)
* Cisco Nexus 1000V Virtual Ethernet Module Release 4.0(4) SV1(3a)
* Cisco Nexus 1000V Virtual Ethernet Module Release 4.0(4) SV1(3)
* Cisco Nexus 1000V Virtual Ethernet Module Release 4.0(4) SV1(2)
* Cisco Nexus 1000V Virtual Ethernet Module Release 4.0(4) SV1(1)
Solution:
Update to version 4.0(4) SV1(3c).
Provided and/or discovered by:
Reported by the vendor.
Original Advisory:
Cisco (CSCtj17451):
http://www.cisco.com/en/US/docs/switches/datacenter/nexus1000/sw/4_0_4_s_v_1_3_c/release/notes/n1000v_rn.html
Deep Links:
Links available to Secunia VIM customers
Do you have additional information related to this advisory?
Please provide information about patches, mitigating factors, new versions, exploits, faulty patches, links, and other relevant data by posting comments to this Advisory. You can also send this information to vuln@secunia.com
Subject: Cisco Nexus 1000V Virtual Switch 802.1Q Tagged Packet Denial of Service
|
No posts yet |
|
You must be logged in to post a comment. |
