blob: 353208937998b9b51e2ab58815442d3f6816200e [file] [log] [blame]
<?xml version="1.0" encoding="utf-8"?>
<glsa id="200512-14">
<title>NBD Tools: Buffer overflow in NBD server</title>
The NBD server is vulnerable to a buffer overflow that may result in the
execution of arbitrary code.
<product type="ebuild">NBD</product>
<announced>December 23, 2005</announced>
<revised>December 23, 2005: 01</revised>
<package name="sys-block/nbd" auto="yes" arch="*">
<unaffected range="ge">2.8.2-r1</unaffected>
<vulnerable range="lt">2.8.2-r1</vulnerable>
The NBD Tools are the Network Block Device utilities allowing one
to use remote block devices over a TCP/IP network. It includes a
userland NBD server.
Kurt Fitzner discovered that the NBD server allocates a request
buffer that fails to take into account the size of the reply header.
<impact type="high">
A remote attacker could send a malicious request that can result
in the execution of arbitrary code with the rights of the NBD server.
There is no known workaround at this time.
All NBD Tools users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose &quot;&gt;=sys-block/nbd-2.8.2-r1&quot;</code>
<uri link="">CVE-2005-3534</uri>
<metadata tag="submitter" timestamp="Fri, 23 Dec 2005 10:21:27 +0000">
<metadata tag="bugReady" timestamp="Fri, 23 Dec 2005 10:21:38 +0000">