Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.5
CVSSv2

CVE-2011-0530

Published: 22/02/2011 Updated: 17/08/2017
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
VMScore: 668
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Subscribe to Nbd

Vulnerability Summary

Buffer overflow in the mainloop function in nbd-server.c in the server in Network Block Device (nbd) prior to 2.9.20 might allow remote malicious users to execute arbitrary code via a long request. NOTE: this issue exists because of a CVE-2005-3534 regression.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

wouter verhelst nbd 2.9.14

wouter verhelst nbd 2.9.15

wouter verhelst nbd 2.9.7

wouter verhelst nbd 2.9.8

wouter verhelst nbd 2.9.0

wouter verhelst nbd

wouter verhelst nbd 2.9.11

wouter verhelst nbd 2.9.12

wouter verhelst nbd 2.9.2

wouter verhelst nbd 2.9.5

wouter verhelst nbd 2.9.18

wouter verhelst nbd 2.9.13

wouter verhelst nbd 2.9.6

wouter verhelst nbd 2.9.4

wouter verhelst nbd 2.9.1

wouter verhelst nbd 2.9.16

wouter verhelst nbd 2.9.17

wouter verhelst nbd 2.9.10

wouter verhelst nbd 2.9.9

wouter verhelst nbd 2.9.3

Vendor Advisories

Debian CVElist Bug Report Logs: nbd-server dies due to EFAULT from read
Debian Bug report logs - #611187 nbd-server dies due to EFAULT from read Package: nbd-server; Maintainer for nbd-server is Wouter Verhelst <wouter@debianorg>; Source for nbd-server is src:nbd (PTS, buildd, popcon) Reported by: Ian Jackson <IanJackson@eucitrixcom> Date: Wed, 26 Jan 2011 15:03:02 UTC Severity: ser ...
Ubuntu Security Notice: nbd vulnerability
An attacker could send crafted input to NBD and cause it to crash or to run arbitrary programs ...
Debian Security Advisories: DSA-2183-1 nbd -- buffer overflow
It was discovered a regression of a buffer overflow (CVE-2005-3534) in NBD, the Network Block Device server, that could allow arbitrary code execution on the NBD server via a large request For the oldstable distribution (lenny), this problem has been fixed in version 1:2911-3lenny1 The stable distribution (squeeze), the testing distribution (wh ...

References

CWE-119http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054083.htmlhttp://openwall.com/lists/oss-security/2011/01/31/7http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=611187https://github.com/yoe/nbd/commit/3ef52043861ab16352d49af89e048ba6339d6df8http://secunia.com/advisories/43353https://bugzilla.redhat.com/show_bug.cgi?id=673562http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054071.htmlhttp://www.vupen.com/english/advisories/2011/0403http://openwall.com/lists/oss-security/2011/01/28/3http://www.securityfocus.com/bid/46572http://www.vupen.com/english/advisories/2011/0582http://www.debian.org/security/2011/dsa-2183http://secunia.com/advisories/43610https://hermes.opensuse.org/messages/8086846http://security.gentoo.org/glsa/glsa-201206-35.xmlhttp://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.htmlhttps://exchange.xforce.ibmcloud.com/vulnerabilities/65720https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=611187https://usn.ubuntu.com/1155-1/https://nvd.nist.gov
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTICVE-2024-35863CVE-2024-35910man-in-the-middleCVE-2024-35912CVE-2024-25742LFICVE-2024-32002CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook