CVE-2010-3609 - Remote Denial of Service Vulnerability in OpenSLP Extension Parser

CVSS 5.0 - MEDIUM

Attack vector: NETWORK
Attack complexity: LOW
Privileges required: NONE
Confidentiality impact: NONE
Integrity impact: NONE
Availability impact: PARTIAL

Tags: network, low complexity, openslp, vmware, nessus, exploit available

Summary

The extension parser in slp_v2message.c in OpenSLP 1.2.1, and other versions before SVN revision 1647, as used in Service Location Protocol daemon (SLPD) in VMware ESX 4.0 and 4.1 and ESXi 4.0 and 4.1, allows remote attackers to cause a denial of service (infinite loop) via a packet with a "next extension offset" that references this extension or a previous extension. NOTE: some of these details are obtained from third party information.
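
The loop condition described above, as an added example (not OpenSLP's code and not its actual fix): a simplified model of an extension walker that only bounds-checks the offset, next to one that also requires every offset to lie past the previous extension's header. The function names, the 64-byte sample buffer, the body start of 16 and the extension IDs are constructed for illustration; the 2-byte ID plus 3-byte next-offset layout is the SLPv2 extension header from RFC 2608.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define SLP_EXT_HDR_LEN 5u   /* 2-byte extension ID + 3-byte next extension offset */
#define SAMPLE_LEN      64u  /* constructed sample message size */
#define SAMPLE_BODY     16u  /* constructed: first byte after the SLP header */

enum { EXT_ERR_BOUNDS = -1, EXT_ERR_BACKWARD = -2 };

/* Read a 24-bit big-endian value (offsets count from the start of the message). */
static uint32_t get_u24(const uint8_t *p)
{
    return ((uint32_t)p[0] << 16) | ((uint32_t)p[1] << 8) | p[2];
}

/* Model of the flawed pattern: follows "next extension offset" with a bounds
 * check only. max_steps exists so this demo terminates; a walker without such
 * a limit spins forever on a chain that points at itself or backwards.
 * Returns the number of extensions visited (max_steps if the cap was hit). */
int naive_ext_walk(const uint8_t *msg, size_t len, uint32_t off, int max_steps)
{
    int steps = 0;
    while (off != 0 && steps < max_steps) {
        if (off > len || len - off < SLP_EXT_HDR_LEN)
            return EXT_ERR_BOUNDS;
        off = get_u24(msg + off + 2);
        steps++;
    }
    return steps;
}

/* Hardened walk: every offset must be in bounds AND strictly beyond the header
 * of the extension that referenced it. min_off grows on each iteration, so the
 * loop runs at most len / SLP_EXT_HDR_LEN times.
 * Returns the number of extensions, or a negative EXT_ERR_* code. */
int checked_ext_walk(const uint8_t *msg, size_t len, size_t body_start, uint32_t off)
{
    size_t min_off = body_start;
    int count = 0;
    while (off != 0) {
        if (off < min_off)  /* into the header, or this/an earlier extension */
            return count == 0 ? EXT_ERR_BOUNDS : EXT_ERR_BACKWARD;
        if (off > len || len - off < SLP_EXT_HDR_LEN)
            return EXT_ERR_BOUNDS;
        min_off = (size_t)off + SLP_EXT_HDR_LEN;
        off = get_u24(msg + off + 2);
        count++;
    }
    return count;
}

/* Write one extension header (constructed test data). */
static void put_ext(uint8_t *msg, uint32_t at, uint16_t id, uint32_t next)
{
    msg[at]     = (uint8_t)(id >> 8);
    msg[at + 1] = (uint8_t)(id & 0xff);
    msg[at + 2] = (uint8_t)((next >> 16) & 0xff);
    msg[at + 3] = (uint8_t)((next >> 8) & 0xff);
    msg[at + 4] = (uint8_t)(next & 0xff);
}

/* Constructed sample: extensions at offsets 16 and 24; the caller picks the
 * second extension's next offset (0 = well formed, 24 = itself, 16 = previous). */
void build_sample(uint8_t msg[SAMPLE_LEN], uint32_t second_next)
{
    memset(msg, 0, SAMPLE_LEN);
    put_ext(msg, 16, 0x8001, 24);
    put_ext(msg, 24, 0x8002, second_next);
}

int main(void)
{
    static const uint32_t cases[] = { 0, 24, 16, 200 };
    uint8_t msg[SAMPLE_LEN];
    for (size_t i = 0; i < sizeof cases / sizeof cases[0]; i++) {
        build_sample(msg, cases[i]);
        printf("second.next=%3u  naive=%5d  checked=%d\n", (unsigned)cases[i],
               naive_ext_walk(msg, SAMPLE_LEN, 16, 1000),
               checked_ext_walk(msg, SAMPLE_LEN, SAMPLE_BODY, 16));
    }
    return 0;
}
```

A strictly increasing offset is a sufficient condition for termination; it also rejects a next offset that lands inside the current extension's own 5-byte header.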

Vulnerable Configurations

Part         Description  Count
Application  Openslp      1
Application  Vmware       4

Exploit-Db

description: OpenSLP 1.2.1 & < 1647 trunk - Denial of Service Exploit. CVE-2010-3609. Dos exploits for multiple platform
id: EDB-ID:17610
last seen: 2016-02-02
modified: 2011-08-05
published: 2011-08-05
reporter: Nicolas Gregoire
source: https://www.exploit-db.com/download/17610/
title: OpenSLP 1.2.1 & < 1647 trunk - Denial of Service Exploit

Nessus

  • NASL family: Ubuntu Local Security Checks
    NASL id: UBUNTU_USN-1118-1.NASL
    description: It was discovered that OpenSLP incorrectly handled certain corrupted messages. A remote attacker could send a specially crafted packet to the OpenSLP server and cause it to hang, leading to a denial of service. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 55076
    published: 2011-06-13
    reporter: Ubuntu Security Notice (C) 2011-2019 Canonical, Inc. / NASL script (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/55076
    title: Ubuntu 6.06 LTS / 8.04 LTS / 9.10 / 10.04 LTS / 10.10 : openslp, openslp-dfsg vulnerability (USN-1118-1)
    code:
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Ubuntu Security Notice USN-1118-1. The text 
    # itself is copyright (C) Canonical, Inc. See 
    # <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered 
    # trademark of Canonical, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(55076);
      script_version("1.10");
      script_cvs_date("Date: 2019/09/19 12:54:27");
    
      script_cve_id("CVE-2010-3609");
      script_bugtraq_id(46772);
      script_xref(name:"USN", value:"1118-1");
    
      script_name(english:"Ubuntu 6.06 LTS / 8.04 LTS / 9.10 / 10.04 LTS / 10.10 : openslp, openslp-dfsg vulnerability (USN-1118-1)");
      script_summary(english:"Checks dpkg output for updated package.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Ubuntu host is missing a security-related patch."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "It was discovered that OpenSLP incorrectly handled certain corrupted
    messages. A remote attacker could send a specially crafted packet to
    the OpenSLP server and cause it to hang, leading to a denial of
    service.
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the Ubuntu security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://usn.ubuntu.com/1118-1/"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected libslp1 package."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libslp1");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:10.04:-:lts");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:10.10");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:6.06:-:lts");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:8.04:-:lts");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:9.10");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2011/03/11");
      script_set_attribute(attribute:"patch_publication_date", value:"2011/04/20");
      script_set_attribute(attribute:"plugin_publication_date", value:"2011/06/13");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"Ubuntu Security Notice (C) 2011-2019 Canonical, Inc. / NASL script (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Ubuntu Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("ubuntu.inc");
    include("misc_func.inc");
    
    if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/Ubuntu/release");
    if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu");
    release = chomp(release);
    if (! preg(pattern:"^(6\.06|8\.04|9\.10|10\.04|10\.10)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 6.06 / 8.04 / 9.10 / 10.04 / 10.10", "Ubuntu " + release);
    if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu);
    
    flag = 0;
    
    if (ubuntu_check(osver:"6.06", pkgname:"libslp1", pkgver:"1.2.1-5ubuntu0.2")) flag++;
    if (ubuntu_check(osver:"8.04", pkgname:"libslp1", pkgver:"1.2.1-7.1ubuntu0.2")) flag++;
    if (ubuntu_check(osver:"9.10", pkgname:"libslp1", pkgver:"1.2.1-7.5ubuntu0.1")) flag++;
    if (ubuntu_check(osver:"10.04", pkgname:"libslp1", pkgver:"1.2.1-7.6ubuntu0.1")) flag++;
    if (ubuntu_check(osver:"10.10", pkgname:"libslp1", pkgver:"1.2.1-7.7ubuntu0.1")) flag++;
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_WARNING,
        extra      : ubuntu_report_get()
      );
      exit(0);
    }
    else
    {
      tested = ubuntu_pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libslp1");
    }
    
  • NASL family: VMware ESX Local Security Checks
    NASL id: VMWARE_VMSA-2011-0004.NASL
    description: a. Service Location Protocol daemon DoS This patch fixes a denial-of-service vulnerability in the Service Location Protocol daemon (SLPD). Exploitation of this vulnerability could cause SLPD to consume significant CPU resources. VMware would like to thank Nicolas Gregoire and US CERT for reporting this issue to us. The Common Vulnerabilities and Exposures Project (cve.mitre.org) has assigned the name CVE-2010-3609 to this issue. b. Service Console update for bind This patch updates the bind-libs and bind-utils RPMs to version 9.3.6-4.P1.el5_5.3, which resolves multiple security issues. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2010-3613, CVE-2010-3614, and CVE-2010-3762 to these issues. c. Service Console update for pam This patch updates the pam RPM to pam_0.99.6.2-3.27.5437.vmw, which resolves multiple security issues with PAM modules. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2010-3316, CVE-2010-3435, and CVE-2010-3853 to these issues. d. Service Console update for rpm, rpm-libs, rpm-python, and popt This patch updates rpm, rpm-libs, and rpm-python RPMs to 4.4.2.3-20.el5_5.1, and popt to version 1.10.2.3-20.el5_5.1, which resolves a security issue. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2010-2059 to this issue.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 52582
    published: 2011-03-08
    reporter: This script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/52582
    title: VMSA-2011-0004 : VMware ESX/ESXi SLPD denial of service vulnerability and ESX third-party updates for Service Console packages bind, pam, and rpm.
    code:
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from VMware Security Advisory 2011-0004. 
    # The text itself is copyright (C) VMware Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(52582);
      script_version("1.34");
      script_cvs_date("Date: 2019/09/24 15:02:54");
    
      script_cve_id("CVE-2005-4889", "CVE-2010-2059", "CVE-2010-2199", "CVE-2010-3316", "CVE-2010-3435", "CVE-2010-3609", "CVE-2010-3613", "CVE-2010-3614", "CVE-2010-3762", "CVE-2010-3853");
      script_bugtraq_id(40512, 42472, 43487, 44590, 45133, 45137, 45385, 46772);
      script_xref(name:"VMSA", value:"2011-0004");
    
      script_name(english:"VMSA-2011-0004 : VMware ESX/ESXi SLPD denial of service vulnerability and ESX third-party updates for Service Console packages bind, pam, and rpm.");
      script_summary(english:"Checks esxupdate output for the patches");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote VMware ESXi / ESX host is missing one or more
    security-related patches."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "a. Service Location Protocol daemon DoS
    
       This patch fixes a denial-of-service vulnerability in
       the Service Location Protocol daemon (SLPD). Exploitation of this
       vulnerability could cause SLPD to consume significant CPU
       resources.
    
       VMware would like to thank Nicolas Gregoire and US CERT for
       reporting this issue to us.
    
       The Common Vulnerabilities and Exposures Project (cve.mitre.org)
       has assigned the name CVE-2010-3609 to this issue.
    
    b. Service Console update for bind
    
       This patch updates the bind-libs and bind-utils RPMs to version
       9.3.6-4.P1.el5_5.3, which resolves multiple security issues.
    
       The Common Vulnerabilities and Exposures project (cve.mitre.org)
       has assigned the names CVE-2010-3613, CVE-2010-3614, and
       CVE-2010-3762 to these issues.
    
    c. Service Console update for pam
    
       This patch updates the pam RPM to pam_0.99.6.2-3.27.5437.vmw,
       which resolves multiple security issues with PAM modules.
    
       The Common Vulnerabilities and Exposures project (cve.mitre.org)
       has assigned the names CVE-2010-3316, CVE-2010-3435, and
       CVE-2010-3853 to these issues.
    
    d. Service Console update for rpm, rpm-libs, rpm-python, and popt
    
       This patch updates rpm, rpm-libs, and rpm-python RPMs to
       4.4.2.3-20.el5_5.1, and popt to version 1.10.2.3-20.el5_5.1,
       which resolves a security issue.
    
       The Common Vulnerabilities and Exposures project (cve.mitre.org)
       has assigned the name CVE-2010-2059 to this issue."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://lists.vmware.com/pipermail/security-announce/2012/000159.html"
      );
      script_set_attribute(attribute:"solution", value:"Apply the missing patches.");
      script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:vmware:esx:4.0");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:vmware:esx:4.1");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:vmware:esxi:4.0");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:vmware:esxi:4.1");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2011/03/07");
      script_set_attribute(attribute:"plugin_publication_date", value:"2011/03/08");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"VMware ESX Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/VMware/release", "Host/VMware/version");
      script_require_ports("Host/VMware/esxupdate", "Host/VMware/esxcli_software_vibs");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("vmware_esx_packages.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/VMware/release")) audit(AUDIT_OS_NOT, "VMware ESX / ESXi");
    if (
      !get_kb_item("Host/VMware/esxcli_software_vibs") &&
      !get_kb_item("Host/VMware/esxupdate")
    ) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    init_esx_check(date:"2011-03-07");
    flag = 0;
    
    
    if (
      esx_check(
        ver           : "ESX 4.0",
        patch         : "ESX400-201103401-SG",
        patch_updates : make_list("ESX400-201104401-SG", "ESX400-201110401-SG", "ESX400-201111201-SG", "ESX400-201203401-SG", "ESX400-201205401-SG", "ESX400-201206401-SG", "ESX400-201209401-SG", "ESX400-201302401-SG", "ESX400-201305401-SG", "ESX400-201310401-SG", "ESX400-201404401-SG", "ESX400-Update03", "ESX400-Update04")
      )
    ) flag++;
    if (
      esx_check(
        ver           : "ESX 4.0",
        patch         : "ESX400-201103404-SG",
        patch_updates : make_list("ESX400-Update03", "ESX400-Update04")
      )
    ) flag++;
    if (
      esx_check(
        ver           : "ESX 4.0",
        patch         : "ESX400-201103406-SG",
        patch_updates : make_list("ESX400-201203405-SG", "ESX400-201209404-SG", "ESX400-Update03", "ESX400-Update04")
      )
    ) flag++;
    if (
      esx_check(
        ver           : "ESX 4.0",
        patch         : "ESX400-201103407-SG",
        patch_updates : make_list("ESX400-201305403-SG", "ESX400-Update03", "ESX400-Update04")
      )
    ) flag++;
    
    if (
      esx_check(
        ver           : "ESX 4.1",
        patch         : "ESX410-201101201-SG",
        patch_updates : make_list("ESX40-TO-ESX41UPDATE01", "ESX410-201104401-SG", "ESX410-201110201-SG", "ESX410-201201401-SG", "ESX410-201204401-SG", "ESX410-201205401-SG", "ESX410-201206401-SG", "ESX410-201208101-SG", "ESX410-201211401-SG", "ESX410-201301401-SG", "ESX410-201304401-SG", "ESX410-201307401-SG", "ESX410-201312401-SG", "ESX410-201404401-SG", "ESX410-Update01", "ESX410-Update02", "ESX410-Update03")
      )
    ) flag++;
    if (
      esx_check(
        ver           : "ESX 4.1",
        patch         : "ESX410-201104407-SG",
        patch_updates : make_list("ESX410-201211402-SG", "ESX410-201301402-SG", "ESX410-Update02", "ESX410-Update03")
      )
    ) flag++;
    if (
      esx_check(
        ver           : "ESX 4.1",
        patch         : "ESX410-201110207-SG",
        patch_updates : make_list("ESX410-Update02", "ESX410-Update03")
      )
    ) flag++;
    
    if (
      esx_check(
        ver           : "ESXi 4.0",
        patch         : "ESXi400-201103401-SG",
        patch_updates : make_list("ESXi400-201104401-SG", "ESXi400-201110401-SG", "ESXi400-201203401-SG", "ESXi400-201205401-SG", "ESXi400-201206401-SG", "ESXi400-201209401-SG", "ESXi400-201302401-SG", "ESXi400-201305401-SG", "ESXi400-201310401-SG", "ESXi400-201404401-SG", "ESXi400-Update03", "ESXi400-Update04")
      )
    ) flag++;
    
    if (
      esx_check(
        ver           : "ESXi 4.1",
        patch         : "ESXi410-201101201-SG",
        patch_updates : make_list("ESXi410-201104401-SG", "ESXi410-201110201-SG", "ESXi410-201201401-SG", "ESXi410-201204401-SG", "ESXi410-201205401-SG", "ESXi410-201206401-SG", "ESXi410-201208101-SG", "ESXi410-201211401-SG", "ESXi410-201301401-SG", "ESXi410-201304401-SG", "ESXi410-201307401-SG", "ESXi410-201312401-SG", "ESXi410-201404401-SG", "ESXi410-Update01", "ESXi410-Update02", "ESXi410-Update03")
      )
    ) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:esx_report_get());
      else security_hole(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL family: SuSE Local Security Checks
    NASL id: SUSE_11_OPENSLP-101013.NASL
    description: The openslp daemon could run into an endless loop when receiving specially crafted packets. (CVE-2010-3609) Additionally the following non-security bugs were fixed : - 564504: Fix handling of DA answers if both active and passive DA detection is off - 597215: Add configuration options to openSLP: net.slp.DASyncReg makes slpd query statically configured DAs for registrations, net.slp.isDABackup enables periodic writing of remote registrations to a backup file which is also read on startup. Both options can be used to decrease the time between the start of the slpd daemon and slpd knowing all registrations. - 601002: reduce CPU usage spikes on machines with many connections by using the kernel netlink interface instead of reading the /proc filesystem. - 626444: Standard compliance was fixed by stripping leading and trailing white spaces when doing string comparisons of scopes.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 50954
    published: 2010-12-02
    reporter: This script is Copyright (C) 2010-2019 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/50954
    title: SuSE 11 Security Update : openslp (SAT Patch Number 3317)
    code:
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from SuSE 11 update information. The text itself is
    # copyright (C) Novell, Inc.
    #
    
    if (NASL_LEVEL < 3000) exit(0);
    
    include("compat.inc");
    
    if (description)
    {
      script_id(50954);
      script_version("1.8");
      script_cvs_date("Date: 2019/10/25 13:36:39");
    
      script_cve_id("CVE-2010-3609");
    
      script_name(english:"SuSE 11 Security Update : openslp (SAT Patch Number 3317)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote SuSE 11 host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "The openslp daemon could run into an endless loop when receiving
    specially crafted packets. (CVE-2010-3609)
    
    Additionally the following non-security bugs were fixed :
    
      - 564504: Fix handling of DA answers if both active and
        passive DA detection is off
    
      - 597215: Add configuration options to openSLP:
        net.slp.DASyncReg makes slpd query statically configured
        DAs for registrations, net.slp.isDABackup enables
        periodic writing of remote registrations to a backup
        file which is also read on startup. Both options can be
        used to decrease the time between the start of the slpd
        daemon and slpd knowing all registrations.
    
      - 601002: reduce CPU usage spikes on machines with many
        connections by using the kernel netlink interface
        instead of reading the /proc filesystem.
    
      - 626444: Standard compliance was fixed by stripping
        leading and trailing white spaces when doing string
        comparisons of scopes."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=564504"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=597215"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=601002"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=626444"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=642571"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2010-3609.html"
      );
      script_set_attribute(attribute:"solution", value:"Apply SAT patch number 3317.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:openslp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:openslp-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:openslp-server");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:11");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2010/10/13");
      script_set_attribute(attribute:"plugin_publication_date", value:"2010/12/02");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2010-2019 Tenable Network Security, Inc.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release !~ "^(SLED|SLES)11") audit(AUDIT_OS_NOT, "SuSE 11");
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SuSE 11", cpu);
    
    pl = get_kb_item("Host/SuSE/patchlevel");
    if (pl) audit(AUDIT_OS_NOT, "SuSE 11.0");
    
    
    flag = 0;
    if (rpm_check(release:"SLED11", sp:0, cpu:"i586", reference:"openslp-1.2.0-172.10.7.1")) flag++;
    if (rpm_check(release:"SLED11", sp:0, cpu:"x86_64", reference:"openslp-1.2.0-172.10.7.1")) flag++;
    if (rpm_check(release:"SLED11", sp:0, cpu:"x86_64", reference:"openslp-32bit-1.2.0-172.10.7.1")) flag++;
    if (rpm_check(release:"SLES11", sp:0, reference:"openslp-1.2.0-172.10.7.1")) flag++;
    if (rpm_check(release:"SLES11", sp:0, reference:"openslp-server-1.2.0-172.10.7.1")) flag++;
    if (rpm_check(release:"SLES11", sp:0, cpu:"s390x", reference:"openslp-32bit-1.2.0-172.10.7.1")) flag++;
    if (rpm_check(release:"SLES11", sp:0, cpu:"x86_64", reference:"openslp-32bit-1.2.0-172.10.7.1")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL family: Fedora Local Security Checks
    NASL id: FEDORA_2015-7561.NASL
    description: openslp: denial of service vulnerability (CVE-2010-3609) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen: 2020-06-05
    modified: 2015-05-29
    plugin id: 83890
    published: 2015-05-29
    reporter: This script is Copyright (C) 2015-2020 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/83890
    title: Fedora 20 : openslp-1.2.1-22.fc20 (2015-7561)
    code:
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Fedora Security Advisory 2015-7561.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(83890);
      script_version("2.3");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04");
    
      script_cve_id("CVE-2010-3609", "CVE-2012-4428");
      script_xref(name:"FEDORA", value:"2015-7561");
    
      script_name(english:"Fedora 20 : openslp-1.2.1-22.fc20 (2015-7561)");
      script_summary(english:"Checks rpm output for the updated package.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Fedora host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "openslp: denial of service vulnerability (CVE-2010-3609)
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the Fedora security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.redhat.com/show_bug.cgi?id=684294"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.redhat.com/show_bug.cgi?id=857242"
      );
      # https://lists.fedoraproject.org/pipermail/package-announce/2015-May/159059.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?6f58f5f1"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected openslp package."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:openslp");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:20");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2015/05/06");
      script_set_attribute(attribute:"plugin_publication_date", value:"2015/05/29");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2015-2020 Tenable Network Security, Inc.");
      script_family(english:"Fedora Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
    os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
    os_ver = os_ver[1];
    if (! ereg(pattern:"^20([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 20.x", "Fedora " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);
    
    flag = 0;
    if (rpm_check(release:"FC20", reference:"openslp-1.2.1-22.fc20")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "openslp");
    }
    
  • NASL family: SuSE Local Security Checks
    NASL id: SUSE_11_OPENSLP-101012.NASL
    description: The openslp daemon could run into an endless loop when receiving specially crafted packets (CVE-2010-3609). This has been fixed. Additionally the following non-security bugs were fixed : - 564504: Fix handling of DA answers if both active and passive DA detection is off - 597215: Add configuration options to openSLP: net.slp.DASyncReg makes slpd query statically configured DAs for registrations, net.slp.isDABackup enables periodic writing of remote registrations to a backup file which is also read on startup. Both options can be used to decrease the time between the start of the slpd daemon and slpd knowing all registrations. - 601002: reduce CPU usage spikes on machines with many connections by using the kernel netlink interface instead of reading the /proc filesystem. - 626444: Standard compliance was fixed by stripping leading and trailing white spaces when doing string comparisons of scopes.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 51628
    published: 2011-01-21
    reporter: This script is Copyright (C) 2011-2019 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/51628
    title: SuSE 11.1 Security Update : openSLP (SAT Patch Number 3312)
    code:
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from SuSE 11 update information. The text itself is
    # copyright (C) Novell, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(51628);
      script_version("1.7");
      script_cvs_date("Date: 2019/10/25 13:36:39");
    
      script_cve_id("CVE-2010-3609");
    
      script_name(english:"SuSE 11.1 Security Update : openSLP (SAT Patch Number 3312)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote SuSE 11 host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "The openslp daemon could run into an endless loop when receiving
    specially crafted packets (CVE-2010-3609). This has been fixed.
    
    Additionally the following non-security bugs were fixed :
    
      - 564504: Fix handling of DA answers if both active and
        passive DA detection is off
    
      - 597215: Add configuration options to openSLP:
        net.slp.DASyncReg makes slpd query statically configured
        DAs for registrations, net.slp.isDABackup enables
        periodic writing of remote registrations to a backup
        file which is also read on startup. Both options can be
        used to decrease the time between the start of the slpd
        daemon and slpd knowing all registrations.
    
      - 601002: reduce CPU usage spikes on machines with many
        connections by using the kernel netlink interface
        instead of reading the /proc filesystem.
    
      - 626444: Standard compliance was fixed by stripping
        leading and trailing white spaces when doing string
        comparisons of scopes."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=564504"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=597215"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=601002"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=626444"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=642571"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2010-3609.html"
      );
      script_set_attribute(attribute:"solution", value:"Apply SAT patch number 3312.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:openslp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:openslp-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:openslp-server");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:11");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2010/10/12");
      script_set_attribute(attribute:"plugin_publication_date", value:"2011/01/21");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2011-2019 Tenable Network Security, Inc.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release !~ "^(SLED|SLES)11") audit(AUDIT_OS_NOT, "SuSE 11");
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SuSE 11", cpu);
    
    pl = get_kb_item("Host/SuSE/patchlevel");
    if (isnull(pl) || int(pl) != 1) audit(AUDIT_OS_NOT, "SuSE 11.1");
    
    
    flag = 0;
    if (rpm_check(release:"SLED11", sp:1, cpu:"i586", reference:"openslp-1.2.0-172.15.1")) flag++;
    if (rpm_check(release:"SLED11", sp:1, cpu:"x86_64", reference:"openslp-1.2.0-172.15.1")) flag++;
    if (rpm_check(release:"SLED11", sp:1, cpu:"x86_64", reference:"openslp-32bit-1.2.0-172.15.1")) flag++;
    if (rpm_check(release:"SLES11", sp:1, reference:"openslp-1.2.0-172.15.1")) flag++;
    if (rpm_check(release:"SLES11", sp:1, reference:"openslp-server-1.2.0-172.15.1")) flag++;
    if (rpm_check(release:"SLES11", sp:1, cpu:"s390x", reference:"openslp-32bit-1.2.0-172.15.1")) flag++;
    if (rpm_check(release:"SLES11", sp:1, cpu:"x86_64", reference:"openslp-32bit-1.2.0-172.15.1")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL family: SuSE Local Security Checks
    NASL id: SUSE_11_3_OPENSLP-101012.NASL
    description: the openslp daemon could run into an endless loop when receiving specially crafted packets (CVE-2010-3609).
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 75689
    published: 2014-06-13
    reporter: This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/75689
    title: openSUSE Security Update : openslp (openSUSE-SU-2010:0992-1)
    code:
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from openSUSE Security Update openslp-3310.
    #
    # The text description of this plugin is (C) SUSE LLC.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(75689);
      script_version("1.4");
      script_cvs_date("Date: 2019/10/25 13:36:39");
    
      script_cve_id("CVE-2010-3609");
    
      script_name(english:"openSUSE Security Update : openslp (openSUSE-SU-2010:0992-1)");
      script_summary(english:"Check for the openslp-3310 patch");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote openSUSE host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "the openslp daemon could run into an endless loop when receiving
    specially crafted packets (CVE-2010-3609)."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=642571"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://lists.opensuse.org/opensuse-updates/2010-11/msg00039.html"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected openslp packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:openslp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:openslp-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:openslp-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:openslp-server");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:11.3");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2010/10/12");
      script_set_attribute(attribute:"plugin_publication_date", value:"2014/06/13");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
    if (release !~ "^(SUSE11\.3)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "11.3", release);
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    ourarch = get_kb_item("Host/cpu");
    if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
    if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);
    
    flag = 0;
    
    if ( rpm_check(release:"SUSE11.3", reference:"openslp-1.2.0-180.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.3", reference:"openslp-devel-1.2.0-180.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.3", reference:"openslp-server-1.2.0-180.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.3", cpu:"x86_64", reference:"openslp-32bit-1.2.0-180.1.1") ) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "openslp / openslp-32bit / openslp-devel / openslp-server");
    }
    
  • NASL family: Mandriva Local Security Checks
    NASL id: MANDRIVA_MDVSA-2013-111.NASL
    description: Updated openslp packages fix security vulnerability : The extension parser in slp_v2message.c in OpenSLP 1.2.1 allows remote attackers to cause a denial of service (infinite loop) via a packet with a next extension offset that references this extension or a previous extension (CVE-2010-3609).
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 66123
    published: 2013-04-20
    reporter: This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/66123
    title: Mandriva Linux Security Advisory : openslp (MDVSA-2013:111)
    code:
    #%NASL_MIN_LEVEL 80502
    
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Mandriva Linux Security Advisory MDVSA-2013:111. 
    # The text itself is copyright (C) Mandriva S.A.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(66123);
      script_version("1.7");
      script_cvs_date("Date: 2019/08/02 13:32:55");
    
      script_cve_id("CVE-2010-3609");
      script_bugtraq_id(46772);
      script_xref(name:"MDVSA", value:"2013:111");
      script_xref(name:"MGASA", value:"2012-0227");
    
      script_name(english:"Mandriva Linux Security Advisory : openslp (MDVSA-2013:111)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Mandriva Linux host is missing one or more security
    updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Updated openslp packages fix security vulnerability :
    
    The extension parser in slp_v2message.c in OpenSLP 1.2.1 allows remote
    attackers to cause a denial of service (infinite loop) via a packet
    with a next extension offset that references this extension or a
    previous extension (CVE-2010-3609)."
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "Update the affected lib64openslp1, lib64openslp1-devel and / or
    openslp packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64openslp1");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64openslp1-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:openslp");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:business_server:1");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2013/04/10");
      script_set_attribute(attribute:"plugin_publication_date", value:"2013/04/20");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Mandriva Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandrake Linux");
    if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu);
    
    
    flag = 0;
    if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"lib64openslp1-1.2.1-12.1.mbs1")) flag++;
    if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"lib64openslp1-devel-1.2.1-12.1.mbs1")) flag++;
    if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"openslp-1.2.1-12.1.mbs1")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL family: Misc.
    NASL id: VMWARE_VMSA-2011-0004_REMOTE.NASL
    description: The remote VMware ESX / ESXi host is missing a security-related patch. It is, therefore, affected by multiple vulnerabilities, including arbitrary code execution vulnerabilities, in several third-party components and libraries :
      - bind
      - pam
      - popt
      - rpm
      - rpm-libs
      - rpm-python
      - Service Location Protocol daemon (SLPD)
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 89675
    published: 2016-03-04
    reporter: This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/89675
    title: VMware ESX / ESXi Third-Party Libraries Multiple Vulnerabilities (VMSA-2011-0004) (remote check)
  • NASL family: Gentoo Local Security Checks
    NASL id: GENTOO_GLSA-201707-05.NASL
    description: The remote host is affected by the vulnerability described in GLSA-201707-05 (OpenSLP: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in OpenSLP. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could possibly cause a Denial of Service condition or have other unspecified impacts. Workaround : There is no known workaround at this time.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 101336
    published: 2017-07-10
    reporter: This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/101336
    title: GLSA-201707-05 : OpenSLP: Multiple vulnerabilities
  • NASL family: SuSE Local Security Checks
    NASL id: SUSE_OPENSLP-7187.NASL
    description: The openslp daemon could run into an endless loop when receiving specially crafted packets (CVE-2010-3609). This has been fixed. Additionally the following non-security bugs were fixed : - This openSLP update extends the net.slp.isDABackup mechanism introduced with the previous update by a new configuration option
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 50842
    published: 2010-11-30
    reporter: This script is Copyright (C) 2010-2019 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/50842
    title: SuSE 10 Security Update : openslp (ZYPP Patch Number 7187)
  • NASL family: SuSE Local Security Checks
    NASL id: SUSE_11_1_OPENSLP-101012.NASL
    description: the openslp daemon could run into an endless loop when receiving specially crafted packets (CVE-2010-3609).
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 53685
    published: 2011-05-05
    reporter: This script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/53685
    title: openSUSE Security Update : openslp (openSUSE-SU-2010:0992-1)
  • NASL family: Debian Local Security Checks
    NASL id: DEBIAN_DLA-304.NASL
    description: Several issues have been found and solved in OpenSLP, that implements the Internet Engineering Task Force (IETF) Service Location Protocol standards protocol. CVE-2010-3609 Remote attackers could cause a Denial of Service in the Service Location Protocol daemon (SLPD) via a crafted packet with a
    last seen: 2020-03-17
    modified: 2015-09-04
    plugin id: 85769
    published: 2015-09-04
    reporter: This script is Copyright (C) 2015-2020 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/85769
    title: Debian DLA-304-1 : openslp-dfsg security update
  • NASL family: SuSE Local Security Checks
    NASL id: SUSE_11_2_OPENSLP-101012.NASL
    description: the openslp daemon could run into an endless loop when receiving specially crafted packets (CVE-2010-3609).
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 53785
    published: 2011-05-05
    reporter: This script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/53785
    title: openSUSE Security Update : openslp (openSUSE-SU-2010:0992-1)
  • NASL family: Mandriva Local Security Checks
    NASL id: MANDRIVA_MDVSA-2012-141.NASL
    description: A vulnerability has been discovered and corrected in openslp : The extension parser in slp_v2message.c in OpenSLP 1.2.1 allows remote attackers to cause a denial of service (infinite loop) via a packet with a next extension offset that references this extension or a previous extension (CVE-2010-3609). The updated packages have been patched to correct this issue.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 61986
    published: 2012-09-06
    reporter: This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/61986
    title: Mandriva Linux Security Advisory : openslp (MDVSA-2012:141)

Packetstorm

data source: https://packetstormsecurity.com/files/download/103443/SLPick.py.txt
id: PACKETSTORM:103443
last seen: 2016-12-05
published: 2011-07-26
reporter: Nicolas Gregoire
source: https://packetstormsecurity.com/files/103443/SLP-Service-Location-Protocol-Denial-Of-Service.html
title: SLP (Service Location Protocol) Denial Of Service