Vigil@nce: VMware ESX, ESXi, denial of service via Cisco Nexus 1000V
February 2011 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/
SYNTHESIS OF THE VULNERABILITY
When the Cisco Nexus 1000V Virtual Ethernet Module is installed on
VMware ESX/ESXi, a local attacker can send a malicious packet, in
order to stop the system.
– Severity: 1/4
– Creation date: 08/02/2011
IMPACTED PRODUCTS
– VMware ESX
– VMware ESXi
DESCRIPTION OF THE VULNERABILITY
The VMware ESX/ESXi administrator can replace the standard virtual
switch by the Cisco Nexus 1000V Virtual Ethernet Module.
However, when the Cisco Nexus 1000V switch receives a malicious
IEEE 802.1Q (VLAN) packet, an error occurs, and the virtual
machine stops.
When the Cisco Nexus 1000V Virtual Ethernet Module is installed on
VMware ESX/ESXi, a local attacker can therefore send a malicious
packet, in order to stop the system.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/VMware-ESX-ESXi-denial-of-service-via-Cisco-Nexus-1000V-10334