Vulnerability Details CVE-2005-3534
Buffer overflow in the Network Block Device (nbd) server 2.7.5 and earlier, and 2.8.0 through 2.8.2, allows remote attackers to execute arbitrary code via a large request, which is written past the end of the buffer because nbd does not account for memory taken by the reply header.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.139
EPSS Ranking 94.0%
CVSS Severity
CVSS v2 Score 7.5
References
- http://bugs.gentoo.org/show_bug.cgi?id=116314
- http://secunia.com/advisories/18135
- http://secunia.com/advisories/18171
- http://secunia.com/advisories/18209
- http://secunia.com/advisories/18315
- http://secunia.com/advisories/18503
- http://secunia.com/advisories/43353
- http://secunia.com/advisories/43610
- http://sourceforge.net/mailarchive/forum.php?thread_id=9201144&forum_id=40388
- http://sourceforge.net/project/shownotes.php?release_id=380202&group_id=13229
- http://sourceforge.net/project/shownotes.php?release_id=380210&group_id=13229
- http://www.debian.org/security/2005/dsa-924
- http://www.gentoo.org/security/en/glsa/glsa-200512-14.xml
- http://www.osvdb.org/21848
- http://www.securityfocus.com/bid/16029
- https://usn.ubuntu.com/237-1/
- http://bugs.gentoo.org/show_bug.cgi?id=116314
- http://secunia.com/advisories/18135
- http://secunia.com/advisories/18171
- http://secunia.com/advisories/18209
- http://secunia.com/advisories/18315
- http://secunia.com/advisories/18503
- http://secunia.com/advisories/43353
- http://secunia.com/advisories/43610
- http://sourceforge.net/mailarchive/forum.php?thread_id=9201144&forum_id=40388
- http://sourceforge.net/project/shownotes.php?release_id=380202&group_id=13229
- http://sourceforge.net/project/shownotes.php?release_id=380210&group_id=13229
- http://www.debian.org/security/2005/dsa-924
- http://www.gentoo.org/security/en/glsa/glsa-200512-14.xml
- http://www.osvdb.org/21848
- http://www.securityfocus.com/bid/16029
- https://usn.ubuntu.com/237-1/
Products affected by CVE-2005-3534
-
cpe:2.3:a:wouter_verhelst:nbd:2.7.5
-
cpe:2.3:a:wouter_verhelst:nbd:2.8.0
-
cpe:2.3:a:wouter_verhelst:nbd:2.8.2