CVE-2005-3534

nbd < 2.7.5 and 2.8.0-2.8.2 - Remote Code Execution via Large Request Buffer Overflow

Title source: llm
STIX 2.1

Description

Buffer overflow in the Network Block Device (nbd) server 2.7.5 and earlier, and 2.8.0 through 2.8.2, allows remote attackers to execute arbitrary code via a large request, which is written past the end of the buffer because nbd does not account for memory taken by the reply header.

References (16)

Core 16
Core References
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/43610
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/18503
Patch, Vendor Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2005/dsa-924
Patch vdb-entry x_refsource_osvdb
http://www.osvdb.org/21848
Patch, Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/18209
Vendor Advisory vendor-advisory x_refsource_ubuntu
https://usn.ubuntu.com/237-1/
Patch, Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/18171
Patch vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/16029
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/18135
Patch, Vendor Advisory vendor-advisory x_refsource_gentoo
http://www.gentoo.org/security/en/glsa/glsa-200512-14.xml
Issue Tracking x_refsource_misc
http://bugs.gentoo.org/show_bug.cgi?id=116314
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/43353
Patch, Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/18315

Scores

EPSS 0.0599
EPSS Percentile 92.5%

Details

CWE
CWE-119
Status published
Products (3)
wouter_verhelst/nbd 2.8.0
wouter_verhelst/nbd 2.8.2
wouter_verhelst/nbd < 2.7.5
Published Dec 22, 2005
Tracked Since Feb 18, 2026