731 matches found
USN-238-1: Blender vulnerability
Kurt Fitzner discovered that the NBD network block device server did not correctly verify the maximum size of request packets. By sending specially crafted large request packets, a remote attacker who is allowed to access the server could exploit this to execute arbitrary code with root privilege...
USN-237-1: nbd vulnerability
Kurt Fitzner discovered that the NBD network block device server did not correctly verify the maximum size of request packets. By sending specially crafted large request packets, a remote attacker who is allowed to access the server could exploit this to execute arbitrary code with root privilege...
GLSA-200512-14 : NBD Tools: Buffer overflow in NBD server
The remote host is affected by the vulnerability described in GLSA-200512-14 NBD Tools: Buffer overflow in NBD server Kurt Fitzner discovered that the NBD server allocates a request buffer that fails to take into account the size of the reply header. Impact : A remote attacker could send a...
Network Block Device (NBD) Server Request Handling Remote Overflow
The version of the Network Block Device NBD server installed on the remote host does not properly check the size of read requests before filling a dynamically-allocated buffer. Using a specially crafted read request, an attacker can overwrite this buffer, which could crash the affected server or...
NBD Tools: Buffer overflow in NBD server
Background The NBD Tools are the Network Block Device utilities allowing one to use remote block devices over a TCP/IP network. It includes a userland NBD server. Description Kurt Fitzner discovered that the NBD server allocates a request buffer that fails to take into account the size of the rep...
CVE-2005-3534
Buffer overflow in the Network Block Device nbd server 2.7.5 and earlier, and 2.8.0 through 2.8.2, allows remote attackers to execute arbitrary code via a large request, which is written past the end of the buffer because nbd does not account for memory taken by the reply header...
CVE-2005-3534
CVE-2005-3534 describes a buffer overflow in the NBD (Network Block Device) server (nbd) that could allow remote code execution via a large request. Affected are nbd server versions 2.7.5 and earlier, and 2.8.0 through 2.8.2, with the issue caused by writing past the end of memory allocated for t...
[SECURITY] [DSA 924-1] New nbd packages fix potential arbitrary code execution
-------------------------------------------------------------------------- Debian Security Advisory DSA 924-1 [email protected] http://www.debian.org/security/ Martin Schulze December 21st, 2005 http://www.debian.org/security/faq -...
[SECURITY] [DSA 924-1] New nbd packages fix potential arbitrary code execution
-------------------------------------------------------------------------- Debian Security Advisory DSA 924-1 [email protected] http://www.debian.org/security/ Martin Schulze December 21st, 2005 http://www.debian.org/security/faq -...
[Full-disclosure] [SECURITY] [DSA 924-1] New nbd packages fix potential arbitrary code execution
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 924-1 [email protected] http://www.debian.org/security/ Martin Schulze December 21st, 2005 http://www.debian.org/security/faq -...
DSA-924-1 nbd - buffer overflow
Bulletin has no description...