a. Service Location Protocol daemon DoS
This patch fixes a denial-of-service vulnerability in the Service Location Protocol daemon (SLPD). Exploitation of this vulnerability could cause SLPD to consume significant CPU resources.
VMware would like to thank Nicolas Gregoire and US CERT for reporting this issue to us.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2010-3609 to this issue.
Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available.

securityvulns 6

openvas 59

vmware 1

nessus 56

debian 1

fedora 7

oraclelinux 6

redhat 6

osv 1

centos 4

ubuntu 4

slackware 1

cisa 1

ubuntucve 6

f5 6

veracode 7

debiancve 7

cve 7

prion 7

gentoo 2

cert 3

packetstorm 1

securityvulns

VMSA-2011-0004 VMware ESX/ESXi SLPD denial of service vulnerability and ESX third party updates for Service Console packages bind, pam, and rpm.

2011-03-10 00:00:00

PAM authentuication modules multiple security vulnerabilities

2010-11-08 00:00:00

[ MDVSA-2010:220 ] pam

2010-11-08 00:00:00

openvas

VMSA-2011-0004.3 VMware ESX/ESXi SLPD denial of service vulnerability and ESX third party updates for Service Console packages bind, pam, and rpm.

2012-03-16 00:00:00

VMware ESX/ESXi SLPD denial of service vulnerability and ESX third party updates for Service Console packages bind, pam, and rpm (VMSA-2011-0004.3)

2012-03-16 00:00:00

Fedora Update for pam FEDORA-2010-17155

2010-12-02 00:00:00

vmware

VMware ESX/ESXi SLPD denial of service vulnerability and ESX third party updates for Service Console packages bind, pam, and rpm.

2011-03-07 00:00:00

nessus

VMware ESX / ESXi Third-Party Libraries Multiple Vulnerabilities (VMSA-2011-0004) (remote check)

2016-03-04 00:00:00

VMSA-2011-0004 : VMware ESX/ESXi SLPD denial of service vulnerability and ESX third-party updates for Service Console packages bind, pam, and rpm.

2011-03-08 00:00:00

CentOS 5 : bind (CESA-2010:0976)

2010-12-14 00:00:00

debian

[SECURITY] [DSA-2130-1] New BIND packages fix denial of service

2010-12-10 20:27:48

fedora

[SECURITY] Fedora 12 Update: pam-1.1.1-6.fc12

2010-11-17 23:16:19

[SECURITY] Fedora 13 Update: pam-1.1.1-6.fc13

2010-11-04 23:28:57

[SECURITY] Fedora 14 Update: pam-1.1.1-6.fc14

2010-11-06 23:42:52

oraclelinux

bind security update

2010-12-13 00:00:00

pam security update

2010-11-01 00:00:00

bind security update

2011-02-10 00:00:00

redhat

(RHSA-2010:0976) Important: bind security update

2010-12-13 00:00:00

(RHSA-2010:0819) Moderate: pam security update

2010-11-01 00:00:00

(RHSA-2010:0975) Important: bind security update

2010-12-13 00:00:00

osv

bind9 - denial of service

2010-12-10 00:00:00

centos

bind, caching security update

2010-12-14 01:18:10

pam security update

2010-11-01 21:56:05

popt, rpm security update

2010-09-12 16:21:59

ubuntu

Bind vulnerabilities

2010-12-01 00:00:00

PAM vulnerabilities

2011-05-30 00:00:00

PAM regression

2011-05-31 00:00:00

slackware

[slackware-security] bind

2010-12-16 21:45:59

cisa

Internet Systems Consortium BIND Vulnerabilities

2010-12-02 00:00:00

ubuntucve

CVE-2010-3316

2011-01-24 00:00:00

CVE-2010-3853

2011-01-24 00:00:00

CVE-2010-3762

2010-10-05 00:00:00

K15172 : BIND vulnerability CVE-2010-3762

2014-04-17 00:00:00

SOL15172 - BIND vulnerability CVE-2010-3762

2014-04-17 00:00:00

K12567 : BIND vulnerability CVE-2010-3614

2013-07-03 00:00:00

veracode

Denial Of Service (DoS)

2020-04-10 00:51:03

Privilege Escalation

2020-04-10 00:47:51

Privilege Escalation

2020-04-10 00:48:04

debiancve

CVE-2010-3853

2011-01-24 18:00:00

CVE-2010-3762

2010-10-05 22:00:00

CVE-2010-3614

2010-12-06 13:44:00

cve

CVE-2010-3762

2010-10-05 22:00:00

CVE-2010-3853

2011-01-24 18:00:00

CVE-2010-3614

2010-12-06 13:44:00

prion

Input validation

2010-10-05 22:00:00

Code injection

2011-01-24 18:00:00

Hardcoded credentials

2010-06-08 18:30:00

gentoo

BIND: Multiple vulnerabilities

2012-06-02 00:00:00

Linux-PAM: Multiple vulnerabilities

2012-06-25 00:00:00

cert

ISC BIND named validator vulnerability

2010-12-01 00:00:00

ISC BIND cache vulnerability

2010-12-01 00:00:00

OpenSLP denial of service vulnerability

2011-03-21 00:00:00

packetstorm

SLP (Service Location Protocol) Denial Of Service

2011-07-26 00:00:00

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

0.371 Low

EPSS

Percentile

96.8%

JSON

Related for VMSA-2011-0004