Search...

Cisco Nexus 1000V VEM DoS (CSCtj17451)

2013-08-13T00:00:00

ID CISCO-CSCTJ17451-NXOS.NASL
Type nessus
Reporter Tenable
Modified 2014-10-18T00:00:00

Description

The remote Cisco Nexus device is affected by a denial of service condition when processing 802.1Q tagged packets.

                                        
                                            #
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
  script_id(69481);
  script_version("$Revision: 1.5 $");
  script_cvs_date("$Date: 2014/10/18 00:11:10 $");

  script_cve_id("CVE-2011-0355");
  script_bugtraq_id(46247);
  script_osvdb_id(70837);
  script_xref(name:"CISCO-BUG-ID", value:"CSCtj17451");
  script_xref(name:"IAVB", value:"2011-B-0031");

  script_name(english:"Cisco Nexus 1000V VEM DoS (CSCtj17451)");
  script_summary(english:"Checks the NX-OS version.");

  script_set_attribute(attribute:"synopsis", value:"The remote device is missing a vendor-supplied security update.");
  script_set_attribute(attribute:"description", value:
"The remote Cisco Nexus device is affected by a denial of service
condition when processing 802.1Q tagged packets.");
  # http://www.cisco.com/en/US/docs/switches/datacenter/nexus1000/sw/4_0_4_s_v_1_3_c/release/notes/n1000v_rn.html
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?bd22d81b");
  # http://www.cisco.com/en/US/docs/switches/datacenter/nexus1000/sw/4_2_1_s_v_1_4/release/notes/n1000v_rn.html
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?dd8cfc72");
  script_set_attribute(attribute:"solution", value:"Upgrade to version 4.0(4)SV1(3c) or 4.2(1)SV1(4).");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:cisco:nx-os");

  script_set_attribute(attribute:"vuln_publication_date", value:"2011/02/04");
  script_set_attribute(attribute:"patch_publication_date", value:"2011/02/04");
  script_set_attribute(attribute:"plugin_publication_date", value:"2013/08/13");

  script_set_attribute(attribute:"stig_severity", value:"I");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2013-2014 Tenable Network Security, Inc.");
  script_family(english:"CISCO");

  script_dependencies("cisco_nxos_version.nasl");
  script_require_keys("Host/Cisco/NX-OS/Version", "Host/Cisco/NX-OS/Model", "Host/Cisco/NX-OS/Device");

  exit(0);
}

include("audit.inc");
include("cisco_func.inc");

device = get_kb_item_or_exit("Host/Cisco/NX-OS/Device");
model = get_kb_item_or_exit("Host/Cisco/NX-OS/Model");
version = get_kb_item_or_exit("Host/Cisco/NX-OS/Version");

# only affects Nexus 1000V systems
if (device != 'Nexus' || model !~ '^1000[Vv]$') audit(AUDIT_HOST_NOT, "affected");

flag = 0;

if (
 version == "4.0(4)SV1(3b)" ||
 version == "4.0(4)SV1(3a)" ||
 version == "4.0(4)SV1(3)" ||
 version == "4.0(4)SV1(2)" ||
 version == "4.0(4)SV1(1)"
) flag++;

if (flag)
{
  if (report_verbosity &gt; 0)
  {
    report =
      '\n  Model             : ' + device + ' ' + model +
      '\n  Installed version : ' + version +
      '\n  Fixed version     : 4.0(4)SV1(3c) / 4.2(1)SV1(4)' + 
      '\n';
    security_hole(port:0, extra:report);
  }
  else security_hole(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");

JSON Vulners Source

Initial Source

{"published": "2013-08-13T00:00:00", "id": "CISCO-CSCTJ17451-NXOS.NASL", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "history": [{"differentElements": ["cpe"], "edition": 1, "lastseen": "2016-09-26T17:24:46", "bulletin": {"enchantments": {}, "published": "2013-08-13T00:00:00", "id": "CISCO-CSCTJ17451-NXOS.NASL", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "history": [], "cpe": [], "hash": "e9138eb7f5c30d1a20ec4d81ca01c51123c5bbc28062f836a74406bc89f6dc4d", "description": "The remote Cisco Nexus device is affected by a denial of service condition when processing 802.1Q tagged packets.", "type": "nessus", "pluginID": "69481", "lastseen": "2016-09-26T17:24:46", "edition": 1, "title": "Cisco Nexus 1000V VEM DoS (CSCtj17451)", "href": "https://www.tenable.com/plugins/index.php?view=single&id=69481", "modified": "2014-10-18T00:00:00", "bulletinFamily": "scanner", "viewCount": 0, "cvelist": ["CVE-2011-0355"], "references": ["http://www.nessus.org/u?bd22d81b", "http://www.nessus.org/u?dd8cfc72"], "naslFamily": "CISCO", "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(69481);\n script_version(\"$Revision: 1.5 $\");\n script_cvs_date(\"$Date: 2014/10/18 00:11:10 $\");\n\n script_cve_id(\"CVE-2011-0355\");\n script_bugtraq_id(46247);\n script_osvdb_id(70837);\n script_xref(name:\"CISCO-BUG-ID\", value:\"CSCtj17451\");\n script_xref(name:\"IAVB\", value:\"2011-B-0031\");\n\n script_name(english:\"Cisco Nexus 1000V VEM DoS (CSCtj17451)\");\n script_summary(english:\"Checks the NX-OS version.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\"The remote device is missing a vendor-supplied security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Cisco Nexus device is affected by a denial of service\ncondition when processing 802.1Q tagged packets.\");\n # http://www.cisco.com/en/US/docs/switches/datacenter/nexus1000/sw/4_0_4_s_v_1_3_c/release/notes/n1000v_rn.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?bd22d81b\");\n # http://www.cisco.com/en/US/docs/switches/datacenter/nexus1000/sw/4_2_1_s_v_1_4/release/notes/n1000v_rn.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?dd8cfc72\");\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to version 4.0(4)SV1(3c) or 4.2(1)SV1(4).\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:cisco:nx-os\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/02/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/02/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/08/13\");\n\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2014 Tenable Network Security, Inc.\");\n script_family(english:\"CISCO\");\n\n script_dependencies(\"cisco_nxos_version.nasl\");\n script_require_keys(\"Host/Cisco/NX-OS/Version\", \"Host/Cisco/NX-OS/Model\", \"Host/Cisco/NX-OS/Device\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"cisco_func.inc\");\n\ndevice = get_kb_item_or_exit(\"Host/Cisco/NX-OS/Device\");\nmodel = get_kb_item_or_exit(\"Host/Cisco/NX-OS/Model\");\nversion = get_kb_item_or_exit(\"Host/Cisco/NX-OS/Version\");\n\n# only affects Nexus 1000V systems\nif (device != 'Nexus' || model !~ '^1000[Vv]$') audit(AUDIT_HOST_NOT, \"affected\");\n\nflag = 0;\n\nif (\n version == \"4.0(4)SV1(3b)\" ||\n version == \"4.0(4)SV1(3a)\" ||\n version == \"4.0(4)SV1(3)\" ||\n version == \"4.0(4)SV1(2)\" ||\n version == \"4.0(4)SV1(1)\"\n) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0)\n {\n report =\n '\\n Model : ' + device + ' ' + model +\n '\\n Installed version : ' + version +\n '\\n Fixed version : 4.0(4)SV1(3c) / 4.2(1)SV1(4)' + \n '\\n';\n security_hole(port:0, extra:report);\n }\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "hashmap": [{"hash": "4ad811f5cee76131e33903758e205b88", "key": "published"}, {"hash": "3e87d974331bd87abbb90280c52341cb", "key": "title"}, {"hash": "ed3111898fb94205e2b64cefef5a2081", "key": "cvss"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "cce124ad7eb9f52c69754fbeb17932e2", "key": "modified"}, {"hash": "78c258b614a8a5b36bbb26e41476c43a", "key": "sourceData"}, {"hash": "6d6b9fc019a226cb0bb02e8e87b041ba", "key": "cvelist"}, {"hash": "8cff407833605a335be4b0048d8504e3", "key": "pluginID"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "003c5ac382aa31f8e7ccac0a59d95b18", "key": "references"}, {"hash": "1474d7e4864f3cb5aa49cada79ae461f", "key": "href"}, {"hash": "2e9d0015563e8f6c3614c219c759934c", "key": "naslFamily"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}, {"hash": "03cb3fb7762069174f6a55d2373cb510", "key": "description"}], "objectVersion": "1.2"}}], "description": "The remote Cisco Nexus device is affected by a denial of service condition when processing 802.1Q tagged packets.", "hash": "57e0efb1ef4d00ff3ce215b1af8392111a41ceabb6cffad982d70ef92d0f3730", "enchantments": {"vulnersScore": 5.0}, "type": "nessus", "pluginID": "69481", "lastseen": "2017-10-29T13:38:43", "edition": 2, "cpe": ["cpe:/o:cisco:nx-os"], "title": "Cisco Nexus 1000V VEM DoS (CSCtj17451)", "href": "https://www.tenable.com/plugins/index.php?view=single&id=69481", "modified": "2014-10-18T00:00:00", "bulletinFamily": "scanner", "viewCount": 0, "cvelist": ["CVE-2011-0355"], "references": ["http://www.nessus.org/u?bd22d81b", "http://www.nessus.org/u?dd8cfc72"], "naslFamily": "CISCO", "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(69481);\n script_version(\"$Revision: 1.5 $\");\n script_cvs_date(\"$Date: 2014/10/18 00:11:10 $\");\n\n script_cve_id(\"CVE-2011-0355\");\n script_bugtraq_id(46247);\n script_osvdb_id(70837);\n script_xref(name:\"CISCO-BUG-ID\", value:\"CSCtj17451\");\n script_xref(name:\"IAVB\", value:\"2011-B-0031\");\n\n script_name(english:\"Cisco Nexus 1000V VEM DoS (CSCtj17451)\");\n script_summary(english:\"Checks the NX-OS version.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\"The remote device is missing a vendor-supplied security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Cisco Nexus device is affected by a denial of service\ncondition when processing 802.1Q tagged packets.\");\n # http://www.cisco.com/en/US/docs/switches/datacenter/nexus1000/sw/4_0_4_s_v_1_3_c/release/notes/n1000v_rn.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?bd22d81b\");\n # http://www.cisco.com/en/US/docs/switches/datacenter/nexus1000/sw/4_2_1_s_v_1_4/release/notes/n1000v_rn.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?dd8cfc72\");\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to version 4.0(4)SV1(3c) or 4.2(1)SV1(4).\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:cisco:nx-os\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/02/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/02/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/08/13\");\n\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2014 Tenable Network Security, Inc.\");\n script_family(english:\"CISCO\");\n\n script_dependencies(\"cisco_nxos_version.nasl\");\n script_require_keys(\"Host/Cisco/NX-OS/Version\", \"Host/Cisco/NX-OS/Model\", \"Host/Cisco/NX-OS/Device\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"cisco_func.inc\");\n\ndevice = get_kb_item_or_exit(\"Host/Cisco/NX-OS/Device\");\nmodel = get_kb_item_or_exit(\"Host/Cisco/NX-OS/Model\");\nversion = get_kb_item_or_exit(\"Host/Cisco/NX-OS/Version\");\n\n# only affects Nexus 1000V systems\nif (device != 'Nexus' || model !~ '^1000[Vv]$') audit(AUDIT_HOST_NOT, \"affected\");\n\nflag = 0;\n\nif (\n version == \"4.0(4)SV1(3b)\" ||\n version == \"4.0(4)SV1(3a)\" ||\n version == \"4.0(4)SV1(3)\" ||\n version == \"4.0(4)SV1(2)\" ||\n version == \"4.0(4)SV1(1)\"\n) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0)\n {\n report =\n '\\n Model : ' + device + ' ' + model +\n '\\n Installed version : ' + version +\n '\\n Fixed version : 4.0(4)SV1(3c) / 4.2(1)SV1(4)' + \n '\\n';\n security_hole(port:0, extra:report);\n }\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "hashmap": [{"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "063121101cdb9a2c7392f56d345276d8", "key": "cpe"}, {"hash": "6d6b9fc019a226cb0bb02e8e87b041ba", "key": "cvelist"}, {"hash": "ed3111898fb94205e2b64cefef5a2081", "key": "cvss"}, {"hash": "03cb3fb7762069174f6a55d2373cb510", "key": "description"}, {"hash": "1474d7e4864f3cb5aa49cada79ae461f", "key": "href"}, {"hash": "cce124ad7eb9f52c69754fbeb17932e2", "key": "modified"}, {"hash": "2e9d0015563e8f6c3614c219c759934c", "key": "naslFamily"}, {"hash": "8cff407833605a335be4b0048d8504e3", "key": "pluginID"}, {"hash": "4ad811f5cee76131e33903758e205b88", "key": "published"}, {"hash": "003c5ac382aa31f8e7ccac0a59d95b18", "key": "references"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "78c258b614a8a5b36bbb26e41476c43a", "key": "sourceData"}, {"hash": "3e87d974331bd87abbb90280c52341cb", "key": "title"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}], "objectVersion": "1.3"}

{"result": {"cve": [{"id": "CVE-2011-0355", "type": "cve", "title": "CVE-2011-0355", "description": "Cisco Nexus 1000V Virtual Ethernet Module (VEM) 4.0(4) SV1(1) through SV1(3b), as used in VMware ESX 4.0 and 4.1 and ESXi 4.0 and 4.1, does not properly handle dropped packets, which allows guest OS users to cause a denial of service (ESX or ESXi host OS crash) by sending an 802.1Q tagged packet over an access vEthernet port, aka Cisco Bug ID CSCtj17451.", "published": "2011-02-17T13:00:03", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-0355", "cvelist": ["CVE-2011-0355"], "lastseen": "2017-08-17T10:42:38"}], "vmware": [{"id": "VMSA-2011-0002", "type": "vmware", "title": "Cisco Nexus 1000V VEM updates address denial of service in VMware ESX/ESXi", "description": "a. Cisco Nexus 1000V Virtual Ethernet Module denial of service \nThe Cisco Nexus 1000V Virtual Ethernet Module (VEM) is a virtual switch for ESX and ESXi. This switch can be added to ESX and ESXi where it replaces the VMware virtual switch and runs as part of the ESX and ESXi kernel. \n \nA flaw in the handling of dropped packets by Cisco Nexus 1000V VEM can cause ESX and ESXi to crash. \n \nThe Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2011-0355 to the issue. \n \nThe issue is addressed by Cisco in the following releases: \n\n * Cisco Nexus 1000V Virtual Ethernet Module Release 4.2(4) SV1(4)\n * Cisco Nexus 1000V Virtual Ethernet Module Release 4.0(4) SV1(3c)\nFor details refer to the release notes of these releases (see section 4 for links). \n \nVMware customers are only affected by this vulnerability if they have chosen to deploy the Cisco Nexus 1000V virtual switch as a replacement for the VMware vNetwork Standard Switch or the VMware vNetwork Distributed Switch. \n \nVMware has confirmed that the VMware vNetwork Standard Switch and the VMware vNetwork Distributed Switch are not affected by the vulnerability. \n \nThe issue is documented by Cisco in Cisco bug ID CSCtj17451 (see section 5 for a link).\n", "published": "2011-02-07T00:00:00", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "https://www.vmware.com/security/advisories/VMSA-2011-0002.html", "cvelist": ["CVE-2011-0355"], "lastseen": "2016-09-04T11:19:31"}]}}