CVE-2005-3534
nbd < 2.7.5 and 2.8.0-2.8.2 - Remote Code Execution via Large Request Buffer Overflow
Title source: llmDescription
Buffer overflow in the Network Block Device (nbd) server 2.7.5 and earlier, and 2.8.0 through 2.8.2, allows remote attackers to execute arbitrary code via a large request, which is written past the end of the buffer because nbd does not account for memory taken by the reply header.
References (16)
Core 16
Core References
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/43610
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/18503
Patch, Vendor Advisory vendor-advisory
x_refsource_debian
http://www.debian.org/security/2005/dsa-924
Patch vdb-entry
x_refsource_osvdb
http://www.osvdb.org/21848
Patch, Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/18209
Vendor Advisory vendor-advisory
x_refsource_ubuntu
https://usn.ubuntu.com/237-1/
Patch, Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/18171
Patch vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/16029
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/18135
Patch, Vendor Advisory vendor-advisory
x_refsource_gentoo
http://www.gentoo.org/security/en/glsa/glsa-200512-14.xml
Patch x_refsource_confirm
http://sourceforge.net/project/shownotes.php?release_id=380210&group_id=13229
Product x_refsource_misc
http://sourceforge.net/mailarchive/forum.php?thread_id=9201144&forum_id=40388
Patch x_refsource_confirm
http://sourceforge.net/project/shownotes.php?release_id=380202&group_id=13229
Issue Tracking x_refsource_misc
http://bugs.gentoo.org/show_bug.cgi?id=116314
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/43353
Patch, Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/18315
Scores
EPSS
0.0599
EPSS Percentile
92.5%
Details
CWE
CWE-119
Status
published
Products (3)
wouter_verhelst/nbd
2.8.0
wouter_verhelst/nbd
2.8.2
wouter_verhelst/nbd
< 2.7.5
Published
Dec 22, 2005
Tracked Since
Feb 18, 2026