Lucene search
GoogleOSV:DSA-2806-1HistoryNov 29, 2013 - 12:00 a.m.
nbd - privilege escalation
2013-11-2900:00:00
Google
osv.dev
6
0.01 Low
EPSS
Percentile
83.3%
It was discovered that nbd-server, the server for the Network Block
Device protocol, did incorrect parsing of the access control lists,
allowing access to any hosts with an IP address sharing a prefix with
an allowed address.
For the oldstable distribution (squeeze), this problem has been fixed in
version 1:2.9.16-8+squeeze1.
For the stable distribution (wheezy), this problem has been fixed in
version 1:3.2-4~deb7u4.
For the unstable distribution (sid), this problem will be fixed soon.
We recommend that you upgrade your nbd packages.
| CPE | Name | Operator | Version |
|---|---|---|---|
| nbd | eq | 1:3.2-4~deb7u4~bpo60+1 | |
| nbd | eq | 1:3.2-4~deb7u3 | |
| nbd | eq | 1:3.2-3 | |
| nbd | eq | 1:3.2-2 | |
| nbd | eq | 1:3.2-4~deb7u1 | |
| nbd | eq | 1:3.2-4~deb7u2 |
References
Related
openvas
openvas
Fedora Update for nbd FEDORA-2013-22610
2013-12-17 00:00:00
Fedora Update for nbd FEDORA-2013-22607
2013-12-17 00:00:00
Debian: Security Advisory (DSA-2806-1)
2013-11-28 00:00:00
cvelist
cvelist
CVE-2013-6410
2013-12-07 20:00:00
cve
cve
CVE-2013-6410
2013-12-07 20:55:02
nessus
nessus
Debian DSA-2806-1 : nbd - privilege escalation
2013-12-01 00:00:00
Fedora 20 : nbd-3.5-1.fc20 (2013-22557)
2013-12-14 00:00:00
Fedora 19 : nbd-3.5-1.fc19 (2013-22610)
2013-12-12 00:00:00
debian
debian
[BSA-089] Security update for nbd
2013-12-04 15:57:10
fedora
fedora
[SECURITY] Fedora 19 Update: nbd-3.5-1.fc19
2013-12-12 02:51:32
[SECURITY] Fedora 18 Update: nbd-3.5-1.fc18
2013-12-12 02:59:24
[SECURITY] Fedora 20 Update: nbd-3.5-1.fc20
2013-12-14 03:36:12
ubuntucve
ubuntucve
CVE-2013-6410
2013-12-07 00:00:00
debiancve
debiancve
CVE-2013-6410
2013-12-07 20:55:02
prion
prion
Design/Logic Flaw
2013-12-07 20:55:00
nvd
nvd
CVE-2013-6410
2013-12-07 20:55:02
ubuntu
ubuntu
NBD vulnerabilities
2015-07-22 00:00:00