Lucene search

PRIOn knowledge basePRION:CVE-2013-7441

HistoryMay 29, 2015 - 3:59 p.m.

Code injection

2015-05-2915:59:00

PRIOn knowledge base

www.prio-n.com

7 High

AI Score

Confidence

High

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.042 Low

EPSS

Percentile

92.0%

JSON

The modern style negotiation in Network Block Device (nbd-server) 2.9.22 through 3.3 allows remote attackers to cause a denial of service (root process termination) by (1) closing the connection during negotiation or (2) specifying a name for a non-existent export.

CPENameOperatorVersion
nbdeq2.9.25
nbdeq3.1
nbdeq2.9.3
nbdeq2.9.6
nbdeq3.1.1
nbdeq2.9.7
nbdeq3.3
nbdeq3.2
nbdeq2.9.9
nbdeq2.9.4

Name	Operator	Version
nbd	eq	2.9.25
nbd	eq	3.1
nbd	eq	2.9.3
nbd	eq	2.9.6
nbd	eq	3.1.1
nbd	eq	2.9.7
nbd	eq	3.3
nbd	eq	3.2
nbd	eq	2.9.9
nbd	eq	2.9.4

Rows per page:

1-10 of 161

References

lists.opensuse.org/opensuse-updates/2015-06/msg00003.html

sourceforge.net/p/nbd/mailman/message/30410146/

www.debian.org/security/2015/dsa-3271

www.openwall.com/lists/oss-security/2015/05/19/6

www.openwall.com/lists/oss-security/2015/05/21/5

www.securityfocus.com/bid/74808

www.ubuntu.com/usn/USN-2676-1

bugs.debian.org/cgi-bin/bugreport.cgi?bug=781547

github.com/yoe/nbd/commit/741495cb08503fd32a9d22648e63b64390c601f4

7 High

AI Score

Confidence

High

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.042 Low

EPSS

Percentile

92.0%

JSON

Related for PRION:CVE-2013-7441