Wouter Verhelst: >> Nbd >> 3.3 Security Vulnerabilities
nbd-server.c in Network Block Device (nbd-server) before 3.11 does not properly handle signals, which allows remote attackers to cause a denial of service (deadlock) via unspecified vectors.
CVSS Score
7.8
EPSS Score
0.026
Published
2015-05-29
The modern style negotiation in Network Block Device (nbd-server) 2.9.22 through 3.3 allows remote attackers to cause a denial of service (root process termination) by (1) closing the connection during negotiation or (2) specifying a name for a non-existent export.
CVSS Score
7.8
EPSS Score
0.036
Published
2015-05-29
nbd-server in Network Block Device (nbd) before 3.5 does not properly check IP addresses, which might allow remote attackers to bypass intended access restrictions via an IP address that has a partial match in the authfile configuration file.
CVSS Score
7.5
EPSS Score
0.003
Published
2013-12-07