Vulnerability Note VU#393783
OpenSLP denial of service vulnerability
OpenSLP contains a vulnerability in the handling of packets containing malformed extensions, which can result in a denial-of-service condition.
Service Location Protocol is an IETF standards track protocol that provides a framework to allow networking applications to discover the existence, location, and configuration of networked services in enterprise networks. The OpenSLP project is an effort to develop an open-source implementation of Service Location Protocol. When OpenSLP parses a SLP packet containing malformed extensions the extensions parser will enter an infinite loop causing a denial-of-service condition.
If an attacker creates a packet containing a "next extension offset" pointing to itself or to a previous extension, the extension's parser will enter an infinite loop consuming 100% of the CPU.
A remote unauthenticated attacker may be able to create a denial-of-service condition.
Upgrade or apply a patch from the vendor
Vendor Information (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|Novell, Inc.||Affected||11 Aug 2010||14 Jan 2011|
|SUSE Linux||Affected||07 Oct 2010||21 Mar 2011|
|Ubuntu||Affected||-||21 Apr 2011|
|VMware||Affected||12 Aug 2010||16 Mar 2011|
CVSS Metrics (Learn More)
Thanks to Nicolas Gregoire of Agarri for reporting this vulnerability.
This document was written by Michael Orlando.
- CVE IDs: CVE-2010-3609
- Date Public: 21 Mar 2011
- Date First Published: 21 Mar 2011
- Date Last Updated: 21 Apr 2011
- Severity Metric: 0.58
- Document Revision: 22
If you have feedback, comments, or additional information about this vulnerability, please send us email.