6 matches found
CVE-2013-6410
CVE-2013-6410 affects the NBD server (nbd) prior to version 3.5, where IP address checking can be bypassed by using an IP with a partial match in the authfile. The vulnerability allows remote attackers to bypass access restrictions. Affected product: nbd server in Network Block Device; vulnerable...
CVE-2011-0530
CVE-2011-0530 is a vulnerability in the NBD (network block device) project where the server’s mainloop in nbd-server.c is susceptible to a buffer overflow via overly long requests. Exploitation could allow remote code execution; base score 7.5 (CVSS v2) with network attack vector and no user inte...
CVE-2015-0847
The CVE-2015-0847 issue affects the NBD (Network Block Device) component, specifically nbd-server before version 3.11, where signals are not handled correctly. This root cause can allow a remote attacker to trigger a denial of service (deadlock) via unspecified vectors. Multiple advisory feeds (F...
CVE-2005-3534
CVE-2005-3534 describes a buffer overflow in the NBD (Network Block Device) server (nbd) that could allow remote code execution via a large request. Affected are nbd server versions 2.7.5 and earlier, and 2.8.0 through 2.8.2, with the issue caused by writing past the end of memory allocated for t...
CVE-2011-1925
The CVE-2011-1925 issue affects nbd-server in Network Block Device, version 2.9.21. A remote attacker can trigger a denial-of-service via a NULL pointer dereference during negotiation, demonstrated by providing a name for a non-existent export. Public sources (SUSE, Gentoo GLSA, OSS/OpenVAS advis...
CVE-2013-7441
CVE-2013-7441 affects Network Block Device dnbd-server (nbd-server) in the 2.9.22–3.3 range. The vector is during the negotiation phase: an attacker can terminate the root process by (1) closing the connection during negotiation or (2) supplying a name for a non-existent export, causing a denial ...