12 matches found
EUVD-2019-5966
Malware in sbrugna...
SUSE CVE-2021-3716
A flaw was found in nbdkit due to to improperly caching plaintext state across the STARTTLS encryption boundary. A MitM attacker could use this flaw to inject a plaintext NBDOPTSTRUCTUREDREPLY before proxying everything else a client sends to the server, potentially leading the client to terminat...
nbdkit: NBD_OPT_STRUCTURED_REPLY injection on STARTTLS
A flaw was found in nbdkit due to to improperly caching plaintext state across the STARTTLS encryption boundary. A MitM attacker could use this flaw to inject a plaintext NBDOPTSTRUCTUREDREPLY before proxying everything else a client sends to the server, potentially leading the client to terminat...
UBUNTU-CVE-2021-3716
A flaw was found in nbdkit due to to improperly caching plaintext state across the STARTTLS encryption boundary. A MitM attacker could use this flaw to inject a plaintext NBDOPTSTRUCTUREDREPLY before proxying everything else a client sends to the server, potentially leading the client to terminat...
nbdkit: NBD_OPT_STRUCTURED_REPLY injection on STARTTLS
A flaw was found in nbdkit due to to improperly caching plaintext state across the STARTTLS encryption boundary. A MitM attacker could use this flaw to inject a plaintext NBDOPTSTRUCTUREDREPLY before proxying everything else a client sends to the server, potentially leading the client to terminat...
Libguestfs Nbdkit 安全漏洞
Libguestfs Nbdkit is an application from the Libguestfs community for creating NBD Protocol for Accessing Network Block Devices servers. Libguestfs Nbdkit suffers from a security vulnerability that can be exploited by an attacker to trigger a denial of service by causing a fatal error via Nbdkit'...
CVE-2019-14842
A bounds check vulnerability was found in libnbd's structured reply feature where the check was supposed to test for chunk offsets smaller than the beginning of the request but did not work because of signed/unsigned confusion. Structured reply is a feature of the newstyle NBD protocol allowing t...
CVE-2019-14842
Structured reply is a feature of the newstyle NBD protocol allowing the server to send a reply in chunks. A bounds check which was supposed to test for chunk offsets smaller than the beginning of the request did not work because of signed/unsigned confusion. If one of these chunks contains a...
Type confusion
Structured reply is a feature of the newstyle NBD protocol allowing the server to send a reply in chunks. A bounds check which was supposed to test for chunk offsets smaller than the beginning of the request did not work because of signed/unsigned confusion. If one of these chunks contains a...
CVE-2019-14842
Structured reply is a feature of the newstyle NBD protocol allowing the server to send a reply in chunks. A bounds check which was supposed to test for chunk offsets smaller than the beginning of the request did not work because of signed/unsigned confusion. If one of these chunks contains a...
CVE-2019-14842
CVE-2019-14842 is a memory-safety fault in the NBD protocol handling (Structured reply feature). The issue arises from a signed/unsigned mismatch in a bounds check for chunk offsets in the server’s reply path; a chunk with a negative offset can cause data to be written outside the intended read b...
PT-2019-13855 · Nbd · Nbd
Name of the Vulnerable Software and Affected Versions: nbd affected versions not specified Description: The issue is related to the Structured reply feature of the newstyle NBD protocol, which allows the server to send a reply in chunks. A bounds check error due to signed/unsigned confusion can...