CVE-2011-1786

Severity Score

7.5

*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

lsassd in Likewise Open /Enterprise 5.3 before build 7845, Open 6.0 before build 8325, and Enterprise 6.0 before build 178, as distributed in VMware ESXi 4.1 and ESX 4.1 and possibly other products, allows remote attackers to cause a denial of service (daemon crash) via an Active Directory login attempt that provides a username containing an invalid byte sequence.

lsassd en Likewise Open /Enterprise versión 5.3 anterior a build 7845, Open versión 6.0 anterior a build 8325, e Enterprise versión 6.0 anterior a build 178, tal y como es distribuido en ESXi versión 4.1 y ESX versión 4.1 de VMware y posiblemente otros productos, permite que los atacantes remotos causar una denegación de servicio (bloqueo del demonio) por medio de un intento de inicio de sesión de Active Directory que proporciona un nombre de usuario que contiene una secuencia de bytes no válida.

*Credits: N/A

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

None

Integrity

None

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2011-04-19 CVE Reserved
2011-05-03 CVE Published
2024-08-06 CVE Updated
2025-03-30 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-399: Resource Management Errors

CAPEC

References (10)

URL	Tag	Source
http://kb.vmware.com/kb/1035108	X_refsource_confirm
http://lists.vmware.com/pipermail/security-announce/2011/000133.html	Mailing List
http://securityreason.com/securityalert/8240	Third Party Advisory
http://securitytracker.com/id?1025452	Vdb Entry
http://www.likewise.com/community/index.php/forums/viewannounce/1104_27	X_refsource_confirm
http://www.securityfocus.com/archive/1/517739/100/0/threaded	Mailing List
http://www.securityfocus.com/bid/47625	Vdb Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/67194	Vdb Entry

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC
http://secunia.com/advisories/44349	2018-10-09
http://www.vmware.com/security/advisories/VMSA-2011-0007.html	2018-10-09

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Likewise Search vendor "Likewise"		Likewise Open Search vendor "Likewise" for product "Likewise Open"				5.3 Search vendor "Likewise" for product "Likewise Open" and version "5.3"		enterprise		Affected
Likewise Search vendor "Likewise"		Likewise Open Search vendor "Likewise" for product "Likewise Open"				6.0 Search vendor "Likewise" for product "Likewise Open" and version "6.0"		-		Affected
Likewise Search vendor "Likewise"		Likewise Open Search vendor "Likewise" for product "Likewise Open"				6.0 Search vendor "Likewise" for product "Likewise Open" and version "6.0"		enterprise		Affected
Vmware Search vendor "Vmware"		Esx Search vendor "Vmware" for product "Esx"				4.1 Search vendor "Vmware" for product "Esx" and version "4.1"		-		Affected
Vmware Search vendor "Vmware"		Esxi Search vendor "Vmware" for product "Esxi"				4.1 Search vendor "Vmware" for product "Esxi" and version "4.1"		-		Affected