7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.166 Low
EPSS
Percentile
95.3%
It was discovered a regression of a buffer overflow (CVE-2005-3534) in NBD,
the Network Block Device server, that could allow arbitrary code execution
on the NBD server via a large request.
For the oldstable distribution (lenny), this problem has been fixed in
version 1:2.9.11-3lenny1.
The stable distribution (squeeze), the testing distribution (wheezy),
and the unstable distribution (sid) are not affected. This problem was
fixed prior the release of squeeze in version 1:2.9.16-8.
We recommend that you upgrade your nbd packages.
CPE | Name | Operator | Version |
---|---|---|---|
nbd | eq | 1:2.9.11-3 |