Search

Find a vulnerability

Search criteria

    12 vulnerabilities found for nbd by wouter_verhelst

    CVE-2015-0847 (GCVE-0-2015-0847)

    Vulnerability from nvd – Published: 2015-05-29 15:00 – Updated: 2024-08-06 04:26
    VLAI
    Summary
    nbd-server.c in Network Block Device (nbd-server) before 3.11 does not properly handle signals, which allows remote attackers to cause a denial of service (deadlock) via unspecified vectors.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.debian.org/security/2015/dsa-3271 vendor-advisoryx_refsource_DEBIAN
    http://sourceforge.net/p/nbd/mailman/message/34091218/ mailing-listx_refsource_MLIST
    http://www.ubuntu.com/usn/USN-2676-1 vendor-advisoryx_refsource_UBUNTU
    http://lists.opensuse.org/opensuse-updates/2015-0… vendor-advisoryx_refsource_SUSE
    http://sourceforge.net/projects/nbd/files/nbd/3.11/ x_refsource_CONFIRM
    http://www.openwall.com/lists/oss-security/2015/05/07/9 mailing-listx_refsource_MLIST
    Date Public
    2015-05-07 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T04:26:11.372Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "DSA-3271",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2015/dsa-3271"
              },
              {
                "name": "[Nbd] 20150507 [PATCH] nbd-server: fix unsafe signal handling",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://sourceforge.net/p/nbd/mailman/message/34091218/"
              },
              {
                "name": "USN-2676-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "http://www.ubuntu.com/usn/USN-2676-1"
              },
              {
                "name": "openSUSE-SU-2015:0994",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-updates/2015-06/msg00003.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://sourceforge.net/projects/nbd/files/nbd/3.11/"
              },
              {
                "name": "[oss-security] 20150507 CVE-2015-0847 in nbd-server",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2015/05/07/9"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2015-05-07T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "nbd-server.c in Network Block Device (nbd-server) before 3.11 does not properly handle signals, which allows remote attackers to cause a denial of service (deadlock) via unspecified vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2016-12-29T18:57:01.000Z",
            "orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
            "shortName": "debian"
          },
          "references": [
            {
              "name": "DSA-3271",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2015/dsa-3271"
            },
            {
              "name": "[Nbd] 20150507 [PATCH] nbd-server: fix unsafe signal handling",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://sourceforge.net/p/nbd/mailman/message/34091218/"
            },
            {
              "name": "USN-2676-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "http://www.ubuntu.com/usn/USN-2676-1"
            },
            {
              "name": "openSUSE-SU-2015:0994",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-updates/2015-06/msg00003.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://sourceforge.net/projects/nbd/files/nbd/3.11/"
            },
            {
              "name": "[oss-security] 20150507 CVE-2015-0847 in nbd-server",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2015/05/07/9"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@debian.org",
              "ID": "CVE-2015-0847",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "nbd-server.c in Network Block Device (nbd-server) before 3.11 does not properly handle signals, which allows remote attackers to cause a denial of service (deadlock) via unspecified vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "DSA-3271",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2015/dsa-3271"
                },
                {
                  "name": "[Nbd] 20150507 [PATCH] nbd-server: fix unsafe signal handling",
                  "refsource": "MLIST",
                  "url": "http://sourceforge.net/p/nbd/mailman/message/34091218/"
                },
                {
                  "name": "USN-2676-1",
                  "refsource": "UBUNTU",
                  "url": "http://www.ubuntu.com/usn/USN-2676-1"
                },
                {
                  "name": "openSUSE-SU-2015:0994",
                  "refsource": "SUSE",
                  "url": "http://lists.opensuse.org/opensuse-updates/2015-06/msg00003.html"
                },
                {
                  "name": "http://sourceforge.net/projects/nbd/files/nbd/3.11/",
                  "refsource": "CONFIRM",
                  "url": "http://sourceforge.net/projects/nbd/files/nbd/3.11/"
                },
                {
                  "name": "[oss-security] 20150507 CVE-2015-0847 in nbd-server",
                  "refsource": "MLIST",
                  "url": "http://www.openwall.com/lists/oss-security/2015/05/07/9"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
        "assignerShortName": "debian",
        "cveId": "CVE-2015-0847",
        "datePublished": "2015-05-29T15:00:00.000Z",
        "dateReserved": "2015-01-07T00:00:00.000Z",
        "dateUpdated": "2024-08-06T04:26:11.372Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2013-7441 (GCVE-0-2013-7441)

    Vulnerability from nvd – Published: 2015-05-29 15:00 – Updated: 2024-08-06 18:09
    VLAI
    Summary
    The modern style negotiation in Network Block Device (nbd-server) 2.9.22 through 3.3 allows remote attackers to cause a denial of service (root process termination) by (1) closing the connection during negotiation or (2) specifying a name for a non-existent export.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2013-01-28 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T18:09:16.094Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "74808",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/74808"
              },
              {
                "name": "DSA-3271",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2015/dsa-3271"
              },
              {
                "name": "[oss-security] 20150519 CVE Request: nbd denial of service",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2015/05/19/6"
              },
              {
                "name": "[oss-security] 20150521 Re: CVE Request: nbd denial of service",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2015/05/21/5"
              },
              {
                "name": "USN-2676-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "http://www.ubuntu.com/usn/USN-2676-1"
              },
              {
                "name": "[Nbd] 20130128 NBD server terminates on SIGPIPE during negotiation",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://sourceforge.net/p/nbd/mailman/message/30410146/"
              },
              {
                "name": "openSUSE-SU-2015:0994",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-updates/2015-06/msg00003.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=781547"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://github.com/yoe/nbd/commit/741495cb08503fd32a9d22648e63b64390c601f4"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2013-01-28T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The modern style negotiation in Network Block Device (nbd-server) 2.9.22 through 3.3 allows remote attackers to cause a denial of service (root process termination) by (1) closing the connection during negotiation or (2) specifying a name for a non-existent export."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2016-12-29T18:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "74808",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/74808"
            },
            {
              "name": "DSA-3271",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2015/dsa-3271"
            },
            {
              "name": "[oss-security] 20150519 CVE Request: nbd denial of service",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2015/05/19/6"
            },
            {
              "name": "[oss-security] 20150521 Re: CVE Request: nbd denial of service",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2015/05/21/5"
            },
            {
              "name": "USN-2676-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "http://www.ubuntu.com/usn/USN-2676-1"
            },
            {
              "name": "[Nbd] 20130128 NBD server terminates on SIGPIPE during negotiation",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://sourceforge.net/p/nbd/mailman/message/30410146/"
            },
            {
              "name": "openSUSE-SU-2015:0994",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-updates/2015-06/msg00003.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=781547"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/yoe/nbd/commit/741495cb08503fd32a9d22648e63b64390c601f4"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2013-7441",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The modern style negotiation in Network Block Device (nbd-server) 2.9.22 through 3.3 allows remote attackers to cause a denial of service (root process termination) by (1) closing the connection during negotiation or (2) specifying a name for a non-existent export."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "74808",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/74808"
                },
                {
                  "name": "DSA-3271",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2015/dsa-3271"
                },
                {
                  "name": "[oss-security] 20150519 CVE Request: nbd denial of service",
                  "refsource": "MLIST",
                  "url": "http://www.openwall.com/lists/oss-security/2015/05/19/6"
                },
                {
                  "name": "[oss-security] 20150521 Re: CVE Request: nbd denial of service",
                  "refsource": "MLIST",
                  "url": "http://www.openwall.com/lists/oss-security/2015/05/21/5"
                },
                {
                  "name": "USN-2676-1",
                  "refsource": "UBUNTU",
                  "url": "http://www.ubuntu.com/usn/USN-2676-1"
                },
                {
                  "name": "[Nbd] 20130128 NBD server terminates on SIGPIPE during negotiation",
                  "refsource": "MLIST",
                  "url": "http://sourceforge.net/p/nbd/mailman/message/30410146/"
                },
                {
                  "name": "openSUSE-SU-2015:0994",
                  "refsource": "SUSE",
                  "url": "http://lists.opensuse.org/opensuse-updates/2015-06/msg00003.html"
                },
                {
                  "name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=781547",
                  "refsource": "CONFIRM",
                  "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=781547"
                },
                {
                  "name": "https://github.com/yoe/nbd/commit/741495cb08503fd32a9d22648e63b64390c601f4",
                  "refsource": "CONFIRM",
                  "url": "https://github.com/yoe/nbd/commit/741495cb08503fd32a9d22648e63b64390c601f4"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2013-7441",
        "datePublished": "2015-05-29T15:00:00.000Z",
        "dateReserved": "2015-05-21T00:00:00.000Z",
        "dateUpdated": "2024-08-06T18:09:16.094Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2013-6410 (GCVE-0-2013-6410)

    Vulnerability from nvd – Published: 2013-12-07 20:00 – Updated: 2024-08-06 17:39
    VLAI
    Summary
    nbd-server in Network Block Device (nbd) before 3.5 does not properly check IP addresses, which might allow remote attackers to bypass intended access restrictions via an IP address that has a partial match in the authfile configuration file.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/64002 vdb-entryx_refsource_BID
    http://www.ubuntu.com/usn/USN-2676-1 vendor-advisoryx_refsource_UBUNTU
    http://www.openwall.com/lists/oss-security/2013/11/29/4 mailing-listx_refsource_MLIST
    http://sourceforge.net/mailarchive/forum.php?thre… mailing-listx_refsource_MLIST
    http://www.debian.org/security/2013/dsa-2806 vendor-advisoryx_refsource_DEBIAN
    Date Public
    2013-11-29 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T17:39:01.232Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "64002",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/64002"
              },
              {
                "name": "USN-2676-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "http://www.ubuntu.com/usn/USN-2676-1"
              },
              {
                "name": "[oss-security] 20131129 Re: CVE request: incorrect parsing of access control  file in nbd-server",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2013/11/29/4"
              },
              {
                "name": "[nbd-general] 20131201 [Nbd] 3.5 released",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://sourceforge.net/mailarchive/forum.php?thread_name=529BAA58.2080401%40uter.be\u0026forum_name=nbd-general"
              },
              {
                "name": "DSA-2806",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2013/dsa-2806"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2013-11-29T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "nbd-server in Network Block Device (nbd) before 3.5 does not properly check IP addresses, which might allow remote attackers to bypass intended access restrictions via an IP address that has a partial match in the authfile configuration file."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2016-11-25T19:57:01.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "64002",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/64002"
            },
            {
              "name": "USN-2676-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "http://www.ubuntu.com/usn/USN-2676-1"
            },
            {
              "name": "[oss-security] 20131129 Re: CVE request: incorrect parsing of access control  file in nbd-server",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2013/11/29/4"
            },
            {
              "name": "[nbd-general] 20131201 [Nbd] 3.5 released",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://sourceforge.net/mailarchive/forum.php?thread_name=529BAA58.2080401%40uter.be\u0026forum_name=nbd-general"
            },
            {
              "name": "DSA-2806",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2013/dsa-2806"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2013-6410",
        "datePublished": "2013-12-07T20:00:00.000Z",
        "dateReserved": "2013-11-04T00:00:00.000Z",
        "dateUpdated": "2024-08-06T17:39:01.232Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2011-1925 (GCVE-0-2011-1925)

    Vulnerability from nvd – Published: 2011-05-31 20:00 – Updated: 2024-08-06 22:46
    VLAI
    Summary
    nbd-server.c in Network Block Device (nbd-server) 2.9.21 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) by causing a negotiation failure, as demonstrated by specifying a name for a non-existent export.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Date Public
    2011-05-17 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T22:46:00.646Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=627042."
              },
              {
                "name": "GLSA-201206-35",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://security.gentoo.org/glsa/glsa-201206-35.xml"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://nbd.git.sourceforge.net/git/gitweb.cgi?p=nbd/nbd%3Ba=commitdiff%3Bh=ebbbe0b3ce5393fa42a259f5e03d549508586aaa"
              },
              {
                "name": "[oss-security] 20110517 CVE request: nbd-server",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2011/05/17/1"
              },
              {
                "name": "networkblock-negotiation-dos(67502)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67502"
              },
              {
                "name": "47884",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/47884"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2011-05-17T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "nbd-server.c in Network Block Device (nbd-server) 2.9.21 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) by causing a negotiation failure, as demonstrated by specifying a name for a non-existent export."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-16T14:57:01.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=627042."
            },
            {
              "name": "GLSA-201206-35",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-201206-35.xml"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://nbd.git.sourceforge.net/git/gitweb.cgi?p=nbd/nbd%3Ba=commitdiff%3Bh=ebbbe0b3ce5393fa42a259f5e03d549508586aaa"
            },
            {
              "name": "[oss-security] 20110517 CVE request: nbd-server",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2011/05/17/1"
            },
            {
              "name": "networkblock-negotiation-dos(67502)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67502"
            },
            {
              "name": "47884",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/47884"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secalert@redhat.com",
              "ID": "CVE-2011-1925",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "nbd-server.c in Network Block Device (nbd-server) 2.9.21 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) by causing a negotiation failure, as demonstrated by specifying a name for a non-existent export."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=627042.",
                  "refsource": "MISC",
                  "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=627042."
                },
                {
                  "name": "GLSA-201206-35",
                  "refsource": "GENTOO",
                  "url": "http://security.gentoo.org/glsa/glsa-201206-35.xml"
                },
                {
                  "name": "http://nbd.git.sourceforge.net/git/gitweb.cgi?p=nbd/nbd;a=commitdiff;h=ebbbe0b3ce5393fa42a259f5e03d549508586aaa",
                  "refsource": "CONFIRM",
                  "url": "http://nbd.git.sourceforge.net/git/gitweb.cgi?p=nbd/nbd;a=commitdiff;h=ebbbe0b3ce5393fa42a259f5e03d549508586aaa"
                },
                {
                  "name": "[oss-security] 20110517 CVE request: nbd-server",
                  "refsource": "MLIST",
                  "url": "http://www.openwall.com/lists/oss-security/2011/05/17/1"
                },
                {
                  "name": "networkblock-negotiation-dos(67502)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67502"
                },
                {
                  "name": "47884",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/47884"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2011-1925",
        "datePublished": "2011-05-31T20:00:00.000Z",
        "dateReserved": "2011-05-09T00:00:00.000Z",
        "dateUpdated": "2024-08-06T22:46:00.646Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2011-0530 (GCVE-0-2011-0530)

    Vulnerability from nvd – Published: 2011-02-22 18:00 – Updated: 2024-08-06 21:58
    VLAI
    Summary
    Buffer overflow in the mainloop function in nbd-server.c in the server in Network Block Device (nbd) before 2.9.20 might allow remote attackers to execute arbitrary code via a long request. NOTE: this issue exists because of a CVE-2005-3534 regression.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2011-01-27 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T21:58:25.565Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "GLSA-201206-35",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://security.gentoo.org/glsa/glsa-201206-35.xml"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://github.com/yoe/nbd/commit/3ef52043861ab16352d49af89e048ba6339d6df8"
              },
              {
                "name": "43610",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/43610"
              },
              {
                "name": "FEDORA-2011-1097",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054071.html"
              },
              {
                "name": "ADV-2011-0403",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2011/0403"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=673562"
              },
              {
                "name": "[oss-security] 20110128 CVE Request -- NDB: CVE-2005-3534 reintroduced in upstream nbd-v2.9.0 version",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://openwall.com/lists/oss-security/2011/01/28/3"
              },
              {
                "name": "SUSE-SR:2011:005",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html"
              },
              {
                "name": "networkblock-nbdserver-bo(65720)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65720"
              },
              {
                "name": "[oss-security] 20110131 Re: CVE Request -- NDB: CVE-2005-3534 reintroduced in upstream nbd-v2.9.0 version",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://openwall.com/lists/oss-security/2011/01/31/7"
              },
              {
                "name": "ADV-2011-0582",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2011/0582"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=611187"
              },
              {
                "name": "FEDORA-2011-1108",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054083.html"
              },
              {
                "name": "46572",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/46572"
              },
              {
                "name": "openSUSE-SU-2011:0193",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "https://hermes.opensuse.org/messages/8086846"
              },
              {
                "name": "DSA-2183",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2011/dsa-2183"
              },
              {
                "name": "43353",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/43353"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2011-01-27T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer overflow in the mainloop function in nbd-server.c in the server in Network Block Device (nbd) before 2.9.20 might allow remote attackers to execute arbitrary code via a long request.  NOTE: this issue exists because of a CVE-2005-3534 regression."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-16T14:57:01.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "GLSA-201206-35",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-201206-35.xml"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/yoe/nbd/commit/3ef52043861ab16352d49af89e048ba6339d6df8"
            },
            {
              "name": "43610",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/43610"
            },
            {
              "name": "FEDORA-2011-1097",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054071.html"
            },
            {
              "name": "ADV-2011-0403",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2011/0403"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=673562"
            },
            {
              "name": "[oss-security] 20110128 CVE Request -- NDB: CVE-2005-3534 reintroduced in upstream nbd-v2.9.0 version",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://openwall.com/lists/oss-security/2011/01/28/3"
            },
            {
              "name": "SUSE-SR:2011:005",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html"
            },
            {
              "name": "networkblock-nbdserver-bo(65720)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65720"
            },
            {
              "name": "[oss-security] 20110131 Re: CVE Request -- NDB: CVE-2005-3534 reintroduced in upstream nbd-v2.9.0 version",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://openwall.com/lists/oss-security/2011/01/31/7"
            },
            {
              "name": "ADV-2011-0582",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2011/0582"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=611187"
            },
            {
              "name": "FEDORA-2011-1108",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054083.html"
            },
            {
              "name": "46572",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/46572"
            },
            {
              "name": "openSUSE-SU-2011:0193",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "https://hermes.opensuse.org/messages/8086846"
            },
            {
              "name": "DSA-2183",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2011/dsa-2183"
            },
            {
              "name": "43353",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/43353"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secalert@redhat.com",
              "ID": "CVE-2011-0530",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Buffer overflow in the mainloop function in nbd-server.c in the server in Network Block Device (nbd) before 2.9.20 might allow remote attackers to execute arbitrary code via a long request.  NOTE: this issue exists because of a CVE-2005-3534 regression."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "GLSA-201206-35",
                  "refsource": "GENTOO",
                  "url": "http://security.gentoo.org/glsa/glsa-201206-35.xml"
                },
                {
                  "name": "https://github.com/yoe/nbd/commit/3ef52043861ab16352d49af89e048ba6339d6df8",
                  "refsource": "CONFIRM",
                  "url": "https://github.com/yoe/nbd/commit/3ef52043861ab16352d49af89e048ba6339d6df8"
                },
                {
                  "name": "43610",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/43610"
                },
                {
                  "name": "FEDORA-2011-1097",
                  "refsource": "FEDORA",
                  "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054071.html"
                },
                {
                  "name": "ADV-2011-0403",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2011/0403"
                },
                {
                  "name": "https://bugzilla.redhat.com/show_bug.cgi?id=673562",
                  "refsource": "CONFIRM",
                  "url": "https://bugzilla.redhat.com/show_bug.cgi?id=673562"
                },
                {
                  "name": "[oss-security] 20110128 CVE Request -- NDB: CVE-2005-3534 reintroduced in upstream nbd-v2.9.0 version",
                  "refsource": "MLIST",
                  "url": "http://openwall.com/lists/oss-security/2011/01/28/3"
                },
                {
                  "name": "SUSE-SR:2011:005",
                  "refsource": "SUSE",
                  "url": "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html"
                },
                {
                  "name": "networkblock-nbdserver-bo(65720)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65720"
                },
                {
                  "name": "[oss-security] 20110131 Re: CVE Request -- NDB: CVE-2005-3534 reintroduced in upstream nbd-v2.9.0 version",
                  "refsource": "MLIST",
                  "url": "http://openwall.com/lists/oss-security/2011/01/31/7"
                },
                {
                  "name": "ADV-2011-0582",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2011/0582"
                },
                {
                  "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=611187",
                  "refsource": "CONFIRM",
                  "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=611187"
                },
                {
                  "name": "FEDORA-2011-1108",
                  "refsource": "FEDORA",
                  "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054083.html"
                },
                {
                  "name": "46572",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/46572"
                },
                {
                  "name": "openSUSE-SU-2011:0193",
                  "refsource": "SUSE",
                  "url": "https://hermes.opensuse.org/messages/8086846"
                },
                {
                  "name": "DSA-2183",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2011/dsa-2183"
                },
                {
                  "name": "43353",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/43353"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2011-0530",
        "datePublished": "2011-02-22T18:00:00.000Z",
        "dateReserved": "2011-01-20T00:00:00.000Z",
        "dateUpdated": "2024-08-06T21:58:25.565Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2005-3534 (GCVE-0-2005-3534)

    Vulnerability from nvd – Published: 2005-12-22 21:00 – Updated: 2024-08-07 23:17
    VLAI
    Summary
    Buffer overflow in the Network Block Device (nbd) server 2.7.5 and earlier, and 2.8.0 through 2.8.2, allows remote attackers to execute arbitrary code via a large request, which is written past the end of the buffer because nbd does not account for memory taken by the reply header.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://secunia.com/advisories/43610 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/18503 third-party-advisoryx_refsource_SECUNIA
    http://www.debian.org/security/2005/dsa-924 vendor-advisoryx_refsource_DEBIAN
    http://www.osvdb.org/21848 vdb-entryx_refsource_OSVDB
    http://secunia.com/advisories/18209 third-party-advisoryx_refsource_SECUNIA
    https://usn.ubuntu.com/237-1/ vendor-advisoryx_refsource_UBUNTU
    http://secunia.com/advisories/18171 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/bid/16029 vdb-entryx_refsource_BID
    http://secunia.com/advisories/18135 third-party-advisoryx_refsource_SECUNIA
    http://www.gentoo.org/security/en/glsa/glsa-20051… vendor-advisoryx_refsource_GENTOO
    http://sourceforge.net/project/shownotes.php?rele… x_refsource_CONFIRM
    http://sourceforge.net/mailarchive/forum.php?thre… x_refsource_MISC
    http://sourceforge.net/project/shownotes.php?rele… x_refsource_CONFIRM
    http://bugs.gentoo.org/show_bug.cgi?id=116314 x_refsource_MISC
    http://secunia.com/advisories/43353 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/18315 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2005-12-21 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T23:17:22.827Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "43610",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/43610"
              },
              {
                "name": "18503",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/18503"
              },
              {
                "name": "DSA-924",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2005/dsa-924"
              },
              {
                "name": "21848",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/21848"
              },
              {
                "name": "18209",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/18209"
              },
              {
                "name": "USN-237-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "https://usn.ubuntu.com/237-1/"
              },
              {
                "name": "18171",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/18171"
              },
              {
                "name": "16029",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/16029"
              },
              {
                "name": "18135",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/18135"
              },
              {
                "name": "GLSA-200512-14",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://www.gentoo.org/security/en/glsa/glsa-200512-14.xml"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://sourceforge.net/project/shownotes.php?release_id=380210\u0026group_id=13229"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://sourceforge.net/mailarchive/forum.php?thread_id=9201144\u0026forum_id=40388"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://sourceforge.net/project/shownotes.php?release_id=380202\u0026group_id=13229"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://bugs.gentoo.org/show_bug.cgi?id=116314"
              },
              {
                "name": "43353",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/43353"
              },
              {
                "name": "18315",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/18315"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2005-12-21T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer overflow in the Network Block Device (nbd) server 2.7.5 and earlier, and 2.8.0 through 2.8.2, allows remote attackers to execute arbitrary code via a large request, which is written past the end of the buffer because nbd does not account for memory taken by the reply header."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-03T20:57:01.000Z",
            "orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
            "shortName": "debian"
          },
          "references": [
            {
              "name": "43610",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/43610"
            },
            {
              "name": "18503",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/18503"
            },
            {
              "name": "DSA-924",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2005/dsa-924"
            },
            {
              "name": "21848",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/21848"
            },
            {
              "name": "18209",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/18209"
            },
            {
              "name": "USN-237-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "https://usn.ubuntu.com/237-1/"
            },
            {
              "name": "18171",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/18171"
            },
            {
              "name": "16029",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/16029"
            },
            {
              "name": "18135",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/18135"
            },
            {
              "name": "GLSA-200512-14",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200512-14.xml"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://sourceforge.net/project/shownotes.php?release_id=380210\u0026group_id=13229"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://sourceforge.net/mailarchive/forum.php?thread_id=9201144\u0026forum_id=40388"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://sourceforge.net/project/shownotes.php?release_id=380202\u0026group_id=13229"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://bugs.gentoo.org/show_bug.cgi?id=116314"
            },
            {
              "name": "43353",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/43353"
            },
            {
              "name": "18315",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/18315"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@debian.org",
              "ID": "CVE-2005-3534",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Buffer overflow in the Network Block Device (nbd) server 2.7.5 and earlier, and 2.8.0 through 2.8.2, allows remote attackers to execute arbitrary code via a large request, which is written past the end of the buffer because nbd does not account for memory taken by the reply header."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "43610",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/43610"
                },
                {
                  "name": "18503",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/18503"
                },
                {
                  "name": "DSA-924",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2005/dsa-924"
                },
                {
                  "name": "21848",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/21848"
                },
                {
                  "name": "18209",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/18209"
                },
                {
                  "name": "USN-237-1",
                  "refsource": "UBUNTU",
                  "url": "https://usn.ubuntu.com/237-1/"
                },
                {
                  "name": "18171",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/18171"
                },
                {
                  "name": "16029",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/16029"
                },
                {
                  "name": "18135",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/18135"
                },
                {
                  "name": "GLSA-200512-14",
                  "refsource": "GENTOO",
                  "url": "http://www.gentoo.org/security/en/glsa/glsa-200512-14.xml"
                },
                {
                  "name": "http://sourceforge.net/project/shownotes.php?release_id=380210\u0026group_id=13229",
                  "refsource": "CONFIRM",
                  "url": "http://sourceforge.net/project/shownotes.php?release_id=380210\u0026group_id=13229"
                },
                {
                  "name": "http://sourceforge.net/mailarchive/forum.php?thread_id=9201144\u0026forum_id=40388",
                  "refsource": "MISC",
                  "url": "http://sourceforge.net/mailarchive/forum.php?thread_id=9201144\u0026forum_id=40388"
                },
                {
                  "name": "http://sourceforge.net/project/shownotes.php?release_id=380202\u0026group_id=13229",
                  "refsource": "CONFIRM",
                  "url": "http://sourceforge.net/project/shownotes.php?release_id=380202\u0026group_id=13229"
                },
                {
                  "name": "http://bugs.gentoo.org/show_bug.cgi?id=116314",
                  "refsource": "MISC",
                  "url": "http://bugs.gentoo.org/show_bug.cgi?id=116314"
                },
                {
                  "name": "43353",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/43353"
                },
                {
                  "name": "18315",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/18315"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
        "assignerShortName": "debian",
        "cveId": "CVE-2005-3534",
        "datePublished": "2005-12-22T21:00:00.000Z",
        "dateReserved": "2005-11-16T00:00:00.000Z",
        "dateUpdated": "2024-08-07T23:17:22.827Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2013-7441 (GCVE-0-2013-7441)

    Vulnerability from cvelistv5 – Published: 2015-05-29 15:00 – Updated: 2024-08-06 18:09
    VLAI
    Summary
    The modern style negotiation in Network Block Device (nbd-server) 2.9.22 through 3.3 allows remote attackers to cause a denial of service (root process termination) by (1) closing the connection during negotiation or (2) specifying a name for a non-existent export.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2013-01-28 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T18:09:16.094Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "74808",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/74808"
              },
              {
                "name": "DSA-3271",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2015/dsa-3271"
              },
              {
                "name": "[oss-security] 20150519 CVE Request: nbd denial of service",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2015/05/19/6"
              },
              {
                "name": "[oss-security] 20150521 Re: CVE Request: nbd denial of service",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2015/05/21/5"
              },
              {
                "name": "USN-2676-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "http://www.ubuntu.com/usn/USN-2676-1"
              },
              {
                "name": "[Nbd] 20130128 NBD server terminates on SIGPIPE during negotiation",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://sourceforge.net/p/nbd/mailman/message/30410146/"
              },
              {
                "name": "openSUSE-SU-2015:0994",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-updates/2015-06/msg00003.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=781547"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://github.com/yoe/nbd/commit/741495cb08503fd32a9d22648e63b64390c601f4"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2013-01-28T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The modern style negotiation in Network Block Device (nbd-server) 2.9.22 through 3.3 allows remote attackers to cause a denial of service (root process termination) by (1) closing the connection during negotiation or (2) specifying a name for a non-existent export."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2016-12-29T18:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "74808",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/74808"
            },
            {
              "name": "DSA-3271",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2015/dsa-3271"
            },
            {
              "name": "[oss-security] 20150519 CVE Request: nbd denial of service",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2015/05/19/6"
            },
            {
              "name": "[oss-security] 20150521 Re: CVE Request: nbd denial of service",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2015/05/21/5"
            },
            {
              "name": "USN-2676-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "http://www.ubuntu.com/usn/USN-2676-1"
            },
            {
              "name": "[Nbd] 20130128 NBD server terminates on SIGPIPE during negotiation",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://sourceforge.net/p/nbd/mailman/message/30410146/"
            },
            {
              "name": "openSUSE-SU-2015:0994",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-updates/2015-06/msg00003.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=781547"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/yoe/nbd/commit/741495cb08503fd32a9d22648e63b64390c601f4"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2013-7441",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The modern style negotiation in Network Block Device (nbd-server) 2.9.22 through 3.3 allows remote attackers to cause a denial of service (root process termination) by (1) closing the connection during negotiation or (2) specifying a name for a non-existent export."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "74808",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/74808"
                },
                {
                  "name": "DSA-3271",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2015/dsa-3271"
                },
                {
                  "name": "[oss-security] 20150519 CVE Request: nbd denial of service",
                  "refsource": "MLIST",
                  "url": "http://www.openwall.com/lists/oss-security/2015/05/19/6"
                },
                {
                  "name": "[oss-security] 20150521 Re: CVE Request: nbd denial of service",
                  "refsource": "MLIST",
                  "url": "http://www.openwall.com/lists/oss-security/2015/05/21/5"
                },
                {
                  "name": "USN-2676-1",
                  "refsource": "UBUNTU",
                  "url": "http://www.ubuntu.com/usn/USN-2676-1"
                },
                {
                  "name": "[Nbd] 20130128 NBD server terminates on SIGPIPE during negotiation",
                  "refsource": "MLIST",
                  "url": "http://sourceforge.net/p/nbd/mailman/message/30410146/"
                },
                {
                  "name": "openSUSE-SU-2015:0994",
                  "refsource": "SUSE",
                  "url": "http://lists.opensuse.org/opensuse-updates/2015-06/msg00003.html"
                },
                {
                  "name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=781547",
                  "refsource": "CONFIRM",
                  "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=781547"
                },
                {
                  "name": "https://github.com/yoe/nbd/commit/741495cb08503fd32a9d22648e63b64390c601f4",
                  "refsource": "CONFIRM",
                  "url": "https://github.com/yoe/nbd/commit/741495cb08503fd32a9d22648e63b64390c601f4"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2013-7441",
        "datePublished": "2015-05-29T15:00:00.000Z",
        "dateReserved": "2015-05-21T00:00:00.000Z",
        "dateUpdated": "2024-08-06T18:09:16.094Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2015-0847 (GCVE-0-2015-0847)

    Vulnerability from cvelistv5 – Published: 2015-05-29 15:00 – Updated: 2024-08-06 04:26
    VLAI
    Summary
    nbd-server.c in Network Block Device (nbd-server) before 3.11 does not properly handle signals, which allows remote attackers to cause a denial of service (deadlock) via unspecified vectors.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.debian.org/security/2015/dsa-3271 vendor-advisoryx_refsource_DEBIAN
    http://sourceforge.net/p/nbd/mailman/message/34091218/ mailing-listx_refsource_MLIST
    http://www.ubuntu.com/usn/USN-2676-1 vendor-advisoryx_refsource_UBUNTU
    http://lists.opensuse.org/opensuse-updates/2015-0… vendor-advisoryx_refsource_SUSE
    http://sourceforge.net/projects/nbd/files/nbd/3.11/ x_refsource_CONFIRM
    http://www.openwall.com/lists/oss-security/2015/05/07/9 mailing-listx_refsource_MLIST
    Date Public
    2015-05-07 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T04:26:11.372Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "DSA-3271",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2015/dsa-3271"
              },
              {
                "name": "[Nbd] 20150507 [PATCH] nbd-server: fix unsafe signal handling",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://sourceforge.net/p/nbd/mailman/message/34091218/"
              },
              {
                "name": "USN-2676-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "http://www.ubuntu.com/usn/USN-2676-1"
              },
              {
                "name": "openSUSE-SU-2015:0994",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-updates/2015-06/msg00003.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://sourceforge.net/projects/nbd/files/nbd/3.11/"
              },
              {
                "name": "[oss-security] 20150507 CVE-2015-0847 in nbd-server",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2015/05/07/9"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2015-05-07T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "nbd-server.c in Network Block Device (nbd-server) before 3.11 does not properly handle signals, which allows remote attackers to cause a denial of service (deadlock) via unspecified vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2016-12-29T18:57:01.000Z",
            "orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
            "shortName": "debian"
          },
          "references": [
            {
              "name": "DSA-3271",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2015/dsa-3271"
            },
            {
              "name": "[Nbd] 20150507 [PATCH] nbd-server: fix unsafe signal handling",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://sourceforge.net/p/nbd/mailman/message/34091218/"
            },
            {
              "name": "USN-2676-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "http://www.ubuntu.com/usn/USN-2676-1"
            },
            {
              "name": "openSUSE-SU-2015:0994",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-updates/2015-06/msg00003.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://sourceforge.net/projects/nbd/files/nbd/3.11/"
            },
            {
              "name": "[oss-security] 20150507 CVE-2015-0847 in nbd-server",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2015/05/07/9"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@debian.org",
              "ID": "CVE-2015-0847",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "nbd-server.c in Network Block Device (nbd-server) before 3.11 does not properly handle signals, which allows remote attackers to cause a denial of service (deadlock) via unspecified vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "DSA-3271",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2015/dsa-3271"
                },
                {
                  "name": "[Nbd] 20150507 [PATCH] nbd-server: fix unsafe signal handling",
                  "refsource": "MLIST",
                  "url": "http://sourceforge.net/p/nbd/mailman/message/34091218/"
                },
                {
                  "name": "USN-2676-1",
                  "refsource": "UBUNTU",
                  "url": "http://www.ubuntu.com/usn/USN-2676-1"
                },
                {
                  "name": "openSUSE-SU-2015:0994",
                  "refsource": "SUSE",
                  "url": "http://lists.opensuse.org/opensuse-updates/2015-06/msg00003.html"
                },
                {
                  "name": "http://sourceforge.net/projects/nbd/files/nbd/3.11/",
                  "refsource": "CONFIRM",
                  "url": "http://sourceforge.net/projects/nbd/files/nbd/3.11/"
                },
                {
                  "name": "[oss-security] 20150507 CVE-2015-0847 in nbd-server",
                  "refsource": "MLIST",
                  "url": "http://www.openwall.com/lists/oss-security/2015/05/07/9"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
        "assignerShortName": "debian",
        "cveId": "CVE-2015-0847",
        "datePublished": "2015-05-29T15:00:00.000Z",
        "dateReserved": "2015-01-07T00:00:00.000Z",
        "dateUpdated": "2024-08-06T04:26:11.372Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2013-6410 (GCVE-0-2013-6410)

    Vulnerability from cvelistv5 – Published: 2013-12-07 20:00 – Updated: 2024-08-06 17:39
    VLAI
    Summary
    nbd-server in Network Block Device (nbd) before 3.5 does not properly check IP addresses, which might allow remote attackers to bypass intended access restrictions via an IP address that has a partial match in the authfile configuration file.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/64002 vdb-entryx_refsource_BID
    http://www.ubuntu.com/usn/USN-2676-1 vendor-advisoryx_refsource_UBUNTU
    http://www.openwall.com/lists/oss-security/2013/11/29/4 mailing-listx_refsource_MLIST
    http://sourceforge.net/mailarchive/forum.php?thre… mailing-listx_refsource_MLIST
    http://www.debian.org/security/2013/dsa-2806 vendor-advisoryx_refsource_DEBIAN
    Date Public
    2013-11-29 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T17:39:01.232Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "64002",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/64002"
              },
              {
                "name": "USN-2676-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "http://www.ubuntu.com/usn/USN-2676-1"
              },
              {
                "name": "[oss-security] 20131129 Re: CVE request: incorrect parsing of access control  file in nbd-server",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2013/11/29/4"
              },
              {
                "name": "[nbd-general] 20131201 [Nbd] 3.5 released",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://sourceforge.net/mailarchive/forum.php?thread_name=529BAA58.2080401%40uter.be\u0026forum_name=nbd-general"
              },
              {
                "name": "DSA-2806",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2013/dsa-2806"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2013-11-29T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "nbd-server in Network Block Device (nbd) before 3.5 does not properly check IP addresses, which might allow remote attackers to bypass intended access restrictions via an IP address that has a partial match in the authfile configuration file."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2016-11-25T19:57:01.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "64002",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/64002"
            },
            {
              "name": "USN-2676-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "http://www.ubuntu.com/usn/USN-2676-1"
            },
            {
              "name": "[oss-security] 20131129 Re: CVE request: incorrect parsing of access control  file in nbd-server",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2013/11/29/4"
            },
            {
              "name": "[nbd-general] 20131201 [Nbd] 3.5 released",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://sourceforge.net/mailarchive/forum.php?thread_name=529BAA58.2080401%40uter.be\u0026forum_name=nbd-general"
            },
            {
              "name": "DSA-2806",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2013/dsa-2806"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2013-6410",
        "datePublished": "2013-12-07T20:00:00.000Z",
        "dateReserved": "2013-11-04T00:00:00.000Z",
        "dateUpdated": "2024-08-06T17:39:01.232Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2011-1925 (GCVE-0-2011-1925)

    Vulnerability from cvelistv5 – Published: 2011-05-31 20:00 – Updated: 2024-08-06 22:46
    VLAI
    Summary
    nbd-server.c in Network Block Device (nbd-server) 2.9.21 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) by causing a negotiation failure, as demonstrated by specifying a name for a non-existent export.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Date Public
    2011-05-17 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T22:46:00.646Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=627042."
              },
              {
                "name": "GLSA-201206-35",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://security.gentoo.org/glsa/glsa-201206-35.xml"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://nbd.git.sourceforge.net/git/gitweb.cgi?p=nbd/nbd%3Ba=commitdiff%3Bh=ebbbe0b3ce5393fa42a259f5e03d549508586aaa"
              },
              {
                "name": "[oss-security] 20110517 CVE request: nbd-server",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2011/05/17/1"
              },
              {
                "name": "networkblock-negotiation-dos(67502)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67502"
              },
              {
                "name": "47884",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/47884"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2011-05-17T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "nbd-server.c in Network Block Device (nbd-server) 2.9.21 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) by causing a negotiation failure, as demonstrated by specifying a name for a non-existent export."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-16T14:57:01.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=627042."
            },
            {
              "name": "GLSA-201206-35",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-201206-35.xml"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://nbd.git.sourceforge.net/git/gitweb.cgi?p=nbd/nbd%3Ba=commitdiff%3Bh=ebbbe0b3ce5393fa42a259f5e03d549508586aaa"
            },
            {
              "name": "[oss-security] 20110517 CVE request: nbd-server",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2011/05/17/1"
            },
            {
              "name": "networkblock-negotiation-dos(67502)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67502"
            },
            {
              "name": "47884",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/47884"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secalert@redhat.com",
              "ID": "CVE-2011-1925",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "nbd-server.c in Network Block Device (nbd-server) 2.9.21 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) by causing a negotiation failure, as demonstrated by specifying a name for a non-existent export."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=627042.",
                  "refsource": "MISC",
                  "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=627042."
                },
                {
                  "name": "GLSA-201206-35",
                  "refsource": "GENTOO",
                  "url": "http://security.gentoo.org/glsa/glsa-201206-35.xml"
                },
                {
                  "name": "http://nbd.git.sourceforge.net/git/gitweb.cgi?p=nbd/nbd;a=commitdiff;h=ebbbe0b3ce5393fa42a259f5e03d549508586aaa",
                  "refsource": "CONFIRM",
                  "url": "http://nbd.git.sourceforge.net/git/gitweb.cgi?p=nbd/nbd;a=commitdiff;h=ebbbe0b3ce5393fa42a259f5e03d549508586aaa"
                },
                {
                  "name": "[oss-security] 20110517 CVE request: nbd-server",
                  "refsource": "MLIST",
                  "url": "http://www.openwall.com/lists/oss-security/2011/05/17/1"
                },
                {
                  "name": "networkblock-negotiation-dos(67502)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67502"
                },
                {
                  "name": "47884",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/47884"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2011-1925",
        "datePublished": "2011-05-31T20:00:00.000Z",
        "dateReserved": "2011-05-09T00:00:00.000Z",
        "dateUpdated": "2024-08-06T22:46:00.646Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2011-0530 (GCVE-0-2011-0530)

    Vulnerability from cvelistv5 – Published: 2011-02-22 18:00 – Updated: 2024-08-06 21:58
    VLAI
    Summary
    Buffer overflow in the mainloop function in nbd-server.c in the server in Network Block Device (nbd) before 2.9.20 might allow remote attackers to execute arbitrary code via a long request. NOTE: this issue exists because of a CVE-2005-3534 regression.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2011-01-27 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T21:58:25.565Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "GLSA-201206-35",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://security.gentoo.org/glsa/glsa-201206-35.xml"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://github.com/yoe/nbd/commit/3ef52043861ab16352d49af89e048ba6339d6df8"
              },
              {
                "name": "43610",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/43610"
              },
              {
                "name": "FEDORA-2011-1097",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054071.html"
              },
              {
                "name": "ADV-2011-0403",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2011/0403"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=673562"
              },
              {
                "name": "[oss-security] 20110128 CVE Request -- NDB: CVE-2005-3534 reintroduced in upstream nbd-v2.9.0 version",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://openwall.com/lists/oss-security/2011/01/28/3"
              },
              {
                "name": "SUSE-SR:2011:005",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html"
              },
              {
                "name": "networkblock-nbdserver-bo(65720)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65720"
              },
              {
                "name": "[oss-security] 20110131 Re: CVE Request -- NDB: CVE-2005-3534 reintroduced in upstream nbd-v2.9.0 version",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://openwall.com/lists/oss-security/2011/01/31/7"
              },
              {
                "name": "ADV-2011-0582",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2011/0582"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=611187"
              },
              {
                "name": "FEDORA-2011-1108",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054083.html"
              },
              {
                "name": "46572",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/46572"
              },
              {
                "name": "openSUSE-SU-2011:0193",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "https://hermes.opensuse.org/messages/8086846"
              },
              {
                "name": "DSA-2183",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2011/dsa-2183"
              },
              {
                "name": "43353",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/43353"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2011-01-27T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer overflow in the mainloop function in nbd-server.c in the server in Network Block Device (nbd) before 2.9.20 might allow remote attackers to execute arbitrary code via a long request.  NOTE: this issue exists because of a CVE-2005-3534 regression."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-16T14:57:01.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "GLSA-201206-35",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-201206-35.xml"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/yoe/nbd/commit/3ef52043861ab16352d49af89e048ba6339d6df8"
            },
            {
              "name": "43610",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/43610"
            },
            {
              "name": "FEDORA-2011-1097",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054071.html"
            },
            {
              "name": "ADV-2011-0403",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2011/0403"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=673562"
            },
            {
              "name": "[oss-security] 20110128 CVE Request -- NDB: CVE-2005-3534 reintroduced in upstream nbd-v2.9.0 version",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://openwall.com/lists/oss-security/2011/01/28/3"
            },
            {
              "name": "SUSE-SR:2011:005",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html"
            },
            {
              "name": "networkblock-nbdserver-bo(65720)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65720"
            },
            {
              "name": "[oss-security] 20110131 Re: CVE Request -- NDB: CVE-2005-3534 reintroduced in upstream nbd-v2.9.0 version",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://openwall.com/lists/oss-security/2011/01/31/7"
            },
            {
              "name": "ADV-2011-0582",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2011/0582"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=611187"
            },
            {
              "name": "FEDORA-2011-1108",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054083.html"
            },
            {
              "name": "46572",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/46572"
            },
            {
              "name": "openSUSE-SU-2011:0193",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "https://hermes.opensuse.org/messages/8086846"
            },
            {
              "name": "DSA-2183",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2011/dsa-2183"
            },
            {
              "name": "43353",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/43353"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secalert@redhat.com",
              "ID": "CVE-2011-0530",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Buffer overflow in the mainloop function in nbd-server.c in the server in Network Block Device (nbd) before 2.9.20 might allow remote attackers to execute arbitrary code via a long request.  NOTE: this issue exists because of a CVE-2005-3534 regression."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "GLSA-201206-35",
                  "refsource": "GENTOO",
                  "url": "http://security.gentoo.org/glsa/glsa-201206-35.xml"
                },
                {
                  "name": "https://github.com/yoe/nbd/commit/3ef52043861ab16352d49af89e048ba6339d6df8",
                  "refsource": "CONFIRM",
                  "url": "https://github.com/yoe/nbd/commit/3ef52043861ab16352d49af89e048ba6339d6df8"
                },
                {
                  "name": "43610",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/43610"
                },
                {
                  "name": "FEDORA-2011-1097",
                  "refsource": "FEDORA",
                  "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054071.html"
                },
                {
                  "name": "ADV-2011-0403",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2011/0403"
                },
                {
                  "name": "https://bugzilla.redhat.com/show_bug.cgi?id=673562",
                  "refsource": "CONFIRM",
                  "url": "https://bugzilla.redhat.com/show_bug.cgi?id=673562"
                },
                {
                  "name": "[oss-security] 20110128 CVE Request -- NDB: CVE-2005-3534 reintroduced in upstream nbd-v2.9.0 version",
                  "refsource": "MLIST",
                  "url": "http://openwall.com/lists/oss-security/2011/01/28/3"
                },
                {
                  "name": "SUSE-SR:2011:005",
                  "refsource": "SUSE",
                  "url": "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html"
                },
                {
                  "name": "networkblock-nbdserver-bo(65720)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65720"
                },
                {
                  "name": "[oss-security] 20110131 Re: CVE Request -- NDB: CVE-2005-3534 reintroduced in upstream nbd-v2.9.0 version",
                  "refsource": "MLIST",
                  "url": "http://openwall.com/lists/oss-security/2011/01/31/7"
                },
                {
                  "name": "ADV-2011-0582",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2011/0582"
                },
                {
                  "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=611187",
                  "refsource": "CONFIRM",
                  "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=611187"
                },
                {
                  "name": "FEDORA-2011-1108",
                  "refsource": "FEDORA",
                  "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054083.html"
                },
                {
                  "name": "46572",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/46572"
                },
                {
                  "name": "openSUSE-SU-2011:0193",
                  "refsource": "SUSE",
                  "url": "https://hermes.opensuse.org/messages/8086846"
                },
                {
                  "name": "DSA-2183",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2011/dsa-2183"
                },
                {
                  "name": "43353",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/43353"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2011-0530",
        "datePublished": "2011-02-22T18:00:00.000Z",
        "dateReserved": "2011-01-20T00:00:00.000Z",
        "dateUpdated": "2024-08-06T21:58:25.565Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2005-3534 (GCVE-0-2005-3534)

    Vulnerability from cvelistv5 – Published: 2005-12-22 21:00 – Updated: 2024-08-07 23:17
    VLAI
    Summary
    Buffer overflow in the Network Block Device (nbd) server 2.7.5 and earlier, and 2.8.0 through 2.8.2, allows remote attackers to execute arbitrary code via a large request, which is written past the end of the buffer because nbd does not account for memory taken by the reply header.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://secunia.com/advisories/43610 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/18503 third-party-advisoryx_refsource_SECUNIA
    http://www.debian.org/security/2005/dsa-924 vendor-advisoryx_refsource_DEBIAN
    http://www.osvdb.org/21848 vdb-entryx_refsource_OSVDB
    http://secunia.com/advisories/18209 third-party-advisoryx_refsource_SECUNIA
    https://usn.ubuntu.com/237-1/ vendor-advisoryx_refsource_UBUNTU
    http://secunia.com/advisories/18171 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/bid/16029 vdb-entryx_refsource_BID
    http://secunia.com/advisories/18135 third-party-advisoryx_refsource_SECUNIA
    http://www.gentoo.org/security/en/glsa/glsa-20051… vendor-advisoryx_refsource_GENTOO
    http://sourceforge.net/project/shownotes.php?rele… x_refsource_CONFIRM
    http://sourceforge.net/mailarchive/forum.php?thre… x_refsource_MISC
    http://sourceforge.net/project/shownotes.php?rele… x_refsource_CONFIRM
    http://bugs.gentoo.org/show_bug.cgi?id=116314 x_refsource_MISC
    http://secunia.com/advisories/43353 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/18315 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2005-12-21 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T23:17:22.827Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "43610",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/43610"
              },
              {
                "name": "18503",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/18503"
              },
              {
                "name": "DSA-924",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2005/dsa-924"
              },
              {
                "name": "21848",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/21848"
              },
              {
                "name": "18209",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/18209"
              },
              {
                "name": "USN-237-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "https://usn.ubuntu.com/237-1/"
              },
              {
                "name": "18171",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/18171"
              },
              {
                "name": "16029",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/16029"
              },
              {
                "name": "18135",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/18135"
              },
              {
                "name": "GLSA-200512-14",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://www.gentoo.org/security/en/glsa/glsa-200512-14.xml"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://sourceforge.net/project/shownotes.php?release_id=380210\u0026group_id=13229"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://sourceforge.net/mailarchive/forum.php?thread_id=9201144\u0026forum_id=40388"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://sourceforge.net/project/shownotes.php?release_id=380202\u0026group_id=13229"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://bugs.gentoo.org/show_bug.cgi?id=116314"
              },
              {
                "name": "43353",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/43353"
              },
              {
                "name": "18315",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/18315"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2005-12-21T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer overflow in the Network Block Device (nbd) server 2.7.5 and earlier, and 2.8.0 through 2.8.2, allows remote attackers to execute arbitrary code via a large request, which is written past the end of the buffer because nbd does not account for memory taken by the reply header."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-03T20:57:01.000Z",
            "orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
            "shortName": "debian"
          },
          "references": [
            {
              "name": "43610",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/43610"
            },
            {
              "name": "18503",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/18503"
            },
            {
              "name": "DSA-924",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2005/dsa-924"
            },
            {
              "name": "21848",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/21848"
            },
            {
              "name": "18209",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/18209"
            },
            {
              "name": "USN-237-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "https://usn.ubuntu.com/237-1/"
            },
            {
              "name": "18171",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/18171"
            },
            {
              "name": "16029",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/16029"
            },
            {
              "name": "18135",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/18135"
            },
            {
              "name": "GLSA-200512-14",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200512-14.xml"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://sourceforge.net/project/shownotes.php?release_id=380210\u0026group_id=13229"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://sourceforge.net/mailarchive/forum.php?thread_id=9201144\u0026forum_id=40388"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://sourceforge.net/project/shownotes.php?release_id=380202\u0026group_id=13229"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://bugs.gentoo.org/show_bug.cgi?id=116314"
            },
            {
              "name": "43353",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/43353"
            },
            {
              "name": "18315",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/18315"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@debian.org",
              "ID": "CVE-2005-3534",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Buffer overflow in the Network Block Device (nbd) server 2.7.5 and earlier, and 2.8.0 through 2.8.2, allows remote attackers to execute arbitrary code via a large request, which is written past the end of the buffer because nbd does not account for memory taken by the reply header."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "43610",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/43610"
                },
                {
                  "name": "18503",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/18503"
                },
                {
                  "name": "DSA-924",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2005/dsa-924"
                },
                {
                  "name": "21848",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/21848"
                },
                {
                  "name": "18209",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/18209"
                },
                {
                  "name": "USN-237-1",
                  "refsource": "UBUNTU",
                  "url": "https://usn.ubuntu.com/237-1/"
                },
                {
                  "name": "18171",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/18171"
                },
                {
                  "name": "16029",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/16029"
                },
                {
                  "name": "18135",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/18135"
                },
                {
                  "name": "GLSA-200512-14",
                  "refsource": "GENTOO",
                  "url": "http://www.gentoo.org/security/en/glsa/glsa-200512-14.xml"
                },
                {
                  "name": "http://sourceforge.net/project/shownotes.php?release_id=380210\u0026group_id=13229",
                  "refsource": "CONFIRM",
                  "url": "http://sourceforge.net/project/shownotes.php?release_id=380210\u0026group_id=13229"
                },
                {
                  "name": "http://sourceforge.net/mailarchive/forum.php?thread_id=9201144\u0026forum_id=40388",
                  "refsource": "MISC",
                  "url": "http://sourceforge.net/mailarchive/forum.php?thread_id=9201144\u0026forum_id=40388"
                },
                {
                  "name": "http://sourceforge.net/project/shownotes.php?release_id=380202\u0026group_id=13229",
                  "refsource": "CONFIRM",
                  "url": "http://sourceforge.net/project/shownotes.php?release_id=380202\u0026group_id=13229"
                },
                {
                  "name": "http://bugs.gentoo.org/show_bug.cgi?id=116314",
                  "refsource": "MISC",
                  "url": "http://bugs.gentoo.org/show_bug.cgi?id=116314"
                },
                {
                  "name": "43353",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/43353"
                },
                {
                  "name": "18315",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/18315"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
        "assignerShortName": "debian",
        "cveId": "CVE-2005-3534",
        "datePublished": "2005-12-22T21:00:00.000Z",
        "dateReserved": "2005-11-16T00:00:00.000Z",
        "dateUpdated": "2024-08-07T23:17:22.827Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }