Vulnerability Details : CVE-2005-3534
Buffer overflow in the Network Block Device (nbd) server 2.7.5 and earlier, and 2.8.0 through 2.8.2, allows remote attackers to execute arbitrary code via a large request, which is written past the end of the buffer because nbd does not account for memory taken by the reply header.
Vulnerability category: OverflowExecute code
Products affected by CVE-2005-3534
- cpe:2.3:a:wouter_verhelst:nbd:*:*:*:*:*:*:*:*
- cpe:2.3:a:wouter_verhelst:nbd:2.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:wouter_verhelst:nbd:2.8.2:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2005-3534
16.43%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 96 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2005-3534
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST |
CWE ids for CVE-2005-3534
-
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.Assigned by: nvd@nist.gov (Primary)
References for CVE-2005-3534
-
http://sourceforge.net/project/shownotes.php?release_id=380210&group_id=13229
Network Block Device download | SourceForge.netPatch
-
http://bugs.gentoo.org/show_bug.cgi?id=116314
116314 – sys-block/nbd Buffer overflow (CVE-2005-3534)
-
http://sourceforge.net/mailarchive/forum.php?thread_id=9201144&forum_id=40388
Page not found - SourceForge.net
-
http://www.gentoo.org/security/en/glsa/glsa-200512-14.xml
NBD Tools: Buffer overflow in NBD server (GLSA 200512-14) — Gentoo securityPatch;Vendor Advisory
-
https://usn.ubuntu.com/237-1/
404: Page not found | Ubuntu
-
http://www.debian.org/security/2005/dsa-924
[SECURITY] [DSA 924-1] New nbd packages fix potential arbitrary code executionPatch;Vendor Advisory
-
http://www.securityfocus.com/bid/16029
Patch
-
http://sourceforge.net/project/shownotes.php?release_id=380202&group_id=13229
Network Block Device download | SourceForge.netPatch
Jump to