Vulnerabilities > CVE-2011-1872 - Resource Management Errors vulnerability in Microsoft Windows Server 2008 R2
Attack vector
LOCAL Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
COMPLETE Summary
Hyper-V in Microsoft Windows Server 2008 Gold, SP2, R2, and R2 SP1 allows guest OS users to cause a denial of service (host OS infinite loop) via malformed machine instructions in a VMBus packet, aka "VMBus Persistent DoS Vulnerability."
Vulnerable Configurations
Part | Description | Count |
---|---|---|
OS | 4 |
Common Weakness Enumeration (CWE)
Exploit-Db
description | Microsoft HyperV Persistent DoS Vulnerability. CVE-2011-1872. Dos exploit for windows platform |
id | EDB-ID:17401 |
last seen | 2016-02-02 |
modified | 2011-06-14 |
published | 2011-06-14 |
reporter | Core Security |
source | https://www.exploit-db.com/download/17401/ |
title | Microsoft HyperV Persistent DoS Vulnerability |
Msbulletin
bulletin_id | MS11-047 |
bulletin_url | |
date | 2011-06-14T00:00:00 |
impact | Denial of Service |
knowledgebase_id | 2525835 |
knowledgebase_url | |
severity | Important |
title | Vulnerability in Hyper-V Could Allow Denial of Service |
Nessus
NASL family | Windows : Microsoft Bulletins |
NASL id | SMB_NT_MS11-047.NASL |
description | The remote host is affected by a denial of service flaw that exists in Hyper-V. By sending a specially crafted packet from a guest virtual machine to the host, an authenticated administrator in one of the guest virtual machines could cause the affected Hyper-V system to stop responding. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 55127 |
published | 2011-06-15 |
reporter | This script is Copyright (C) 2011-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/55127 |
title | MS11-047: Vulnerability in Hyper-V Could Allow Denial of Service (2525835) |
code |
|
Oval
accepted | 2012-07-30T04:00:07.422-04:00 | ||||||||||||||||
class | vulnerability | ||||||||||||||||
contributors |
| ||||||||||||||||
definition_extensions |
| ||||||||||||||||
description | Hyper-V in Microsoft Windows Server 2008 Gold, SP2, R2, and R2 SP1 allows guest OS users to cause a denial of service (host OS infinite loop) via malformed machine instructions in a VMBus packet, aka "VMBus Persistent DoS Vulnerability." | ||||||||||||||||
family | windows | ||||||||||||||||
id | oval:org.mitre.oval:def:12650 | ||||||||||||||||
status | accepted | ||||||||||||||||
submitted | 2011-06-14T13:00:00 | ||||||||||||||||
title | VMBus Persistent DoS Vulnerability | ||||||||||||||||
version | 49 |
Packetstorm
data source | https://packetstormsecurity.com/files/download/102284/CORE-2011-0203.txt |
id | PACKETSTORM:102284 |
last seen | 2016-12-05 |
published | 2011-06-14 |
reporter | Core Security Technologies |
source | https://packetstormsecurity.com/files/102284/Core-Security-Technologies-Advisory-2011.0203.html |
title | Core Security Technologies Advisory 2011.0203 |
Seebug
bulletinFamily exploit description Bugtraq ID: 48179 CVE ID:CVE-2011-1872 Microsoft Hyper-V是一款微软开发的免费的虚拟服务器。 处理某些机器指令时存在一个验证错误,向VMBus通信通道发送特制的报文可使Hyper-V服务器和所有Guest虚拟机停止响应。 攻击者必须拥有合法登录验证信息并可以从Guest虚拟机发送特制内容。 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 0 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems R2 Microsoft Windows Server 2008 for x64-based Systems 厂商解决方案 用户可参考如下供应商提供的安全公告获得补丁信息: http://www.microsoft.com/technet/security/Bulletin/MS11-047.mspx id SSV:20636 last seen 2017-11-19 modified 2011-06-16 published 2011-06-16 reporter Root title Microsoft Hyper-V VMBus CVE-2011-1872拒绝服务漏洞 bulletinFamily exploit description No description provided by source. id SSV:71779 last seen 2017-11-19 modified 2014-07-01 published 2014-07-01 reporter Root source https://www.seebug.org/vuldb/ssvid-71779 title MS HyperV Persistent DoS Vulnerability