CVE-2011-1786

2011-05-0322:55:03

CWE-399

[email protected]

web.nvd.nist.gov

cve-2011-1786

lsassd

likewise open

likewise enterprise

vmware esxi

vmware esx

denial of service

nvd

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

6.3 Medium

AI Score

Confidence

High

0.055 Low

EPSS

Percentile

93.2%

JSON

lsassd in Likewise Open /Enterprise 5.3 before build 7845, Open 6.0 before build 8325, and Enterprise 6.0 before build 178, as distributed in VMware ESXi 4.1 and ESX 4.1 and possibly other products, allows remote attackers to cause a denial of service (daemon crash) via an Active Directory login attempt that provides a username containing an invalid byte sequence.

Affected configurations

NVD

Node

likewiselikewise_openMatch5.3enterprise

likewiselikewise_openMatch6.0

likewiselikewise_openMatch6.0enterprise

vmwareesxMatch4.1

vmwareesxiMatch4.1

CPENameOperatorVersion
likewise:likewise_openlikewise likewise openeq5.3
likewise:likewise_openlikewise likewise openeq6.0
vmware:esxvmware esxeq4.1
vmware:esxivmware esxieq4.1

CPE	Name	Operator	Version
likewise:likewise_open	likewise likewise open	eq	5.3
likewise:likewise_open	likewise likewise open	eq	6.0
vmware:esx	vmware esx	eq	4.1
vmware:esxi	vmware esxi	eq	4.1