VYPR
Unrated severityNVD Advisory· Published Mar 11, 2011· Updated Jun 16, 2026

CVE-2010-3609

CVE-2010-3609

Description

The extension parser in slp_v2message.c in OpenSLP 1.2.1, and other versions before SVN revision 1647, as used in Service Location Protocol daemon (SLPD) in VMware ESX 4.0 and 4.1 and ESXi 4.0 and 4.1, allows remote attackers to cause a denial of service (infinite loop) via a packet with a "next extension offset" that references this extension or a previous extension. NOTE: some of these details are obtained from third party information.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

9
  • Openslp/Openslp2 versions
    cpe:2.3:a:openslp:openslp:1.2.1:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:openslp:openslp:1.2.1:*:*:*:*:*:*:*
    • (no CPE)range: <=1.2.1 (before SVN revision 1647)
  • VMware/Esx3 versions
    cpe:2.3:a:vmware:esx:4.0:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:vmware:esx:4.0:*:*:*:*:*:*:*
    • cpe:2.3:a:vmware:esx:4.1:*:*:*:*:*:*:*
    • (no CPE)range: 4.0, 4.1
  • VMware/Esxi3 versions
    cpe:2.3:a:vmware:esxi:4.0:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:vmware:esxi:4.0:*:*:*:*:*:*:*
    • cpe:2.3:a:vmware:esxi:4.1:*:*:*:*:*:*:*
    • (no CPE)range: 4.0, 4.1

Patches

Vulnerability mechanics

References

17

News mentions

0

No linked articles in our index yet.