PT-2010-4306 · Red Hat · Red Hat Enterprise Virtualization

Petr Matousek · Published 2010-08-24 · Updated 2010-08-25 · CVE-2010-2811

CVSS v2.0: 5.7 (Medium)

Vector: AV:A/AC:M/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions

Red Hat Enterprise Virtualization (RHEV) version 2.2

Description

The issue is related to the Virtual Desktop Server Manager (VDSM) in Red Hat Enterprise Virtualization (RHEV), which does not properly handle TCP connections for SSL sessions. This allows remote attackers to cause a denial of service, resulting in a daemon outage, by sending crafted SSL traffic.

Recommendations

For Red Hat Enterprise Virtualization (RHEV) version 2.2, consider restricting SSL traffic to trusted sources until a fix is available. As a temporary workaround, limiting the exposure of VDSM to untrusted networks may help minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Related identifiers

CVE-2010-2811
RHSA-2010:0622
RHSA-2010:0628

Affected products

Red Hat Enterprise Virtualization