Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-1786

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2011-1786
Last Modified 07 Oct 2011 12:00:00
Published 03 May 2011 06:55:03
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2011-1786

Summary

lsassd in Likewise Open /Enterprise 5.3 before build 7845, Open 6.0 before build 8325, and Enterprise 6.0 before build 178, as distributed in VMware ESXi 4.1 and ESX 4.1 and possibly other products, allows remote attackers to cause a denial of service (daemon crash) via an Active Directory login attempt that provides a username containing an invalid byte sequence.

Vulnerable Systems

Application

  • Likewise Open 5.3

  • Likewise Open 6.0

  • Vmware Esx 4.1

  • Vmware Esxi 4.1


References

XF - likewise-lsaad-dos(67194)

CONFIRM - http://www.vmware.com/security/advisories/VMSA-2011-0007.html

BID - 47625

BUGTRAQ - 20110428 VMSA-2011-0007 VMware ESXi and ESX Denial of Service and third party updates for Likewise components and ESX Service Console

CONFIRM - http://www.likewise.com/community/index.php/forums/viewannounce/1104_27/

SECTRACK - 1025452

SREASON - 8240

SECUNIA - 44349

MLIST - [security-announce] 20110428 VMSA-2011-0007 VMware ESXi and ESX Denial of Service and third party updates for Likewise components and ESX Service Console

CONFIRM - http://kb.vmware.com/kb/1035108


Last Updated: 27 May 2016 10:56:48