Intrusion Prevention

Network.Block.Device.Server.Buffer.Overflow

Description

This indicates a possible exploit of a buffer overflow vulnerability in the Network Block Device (nbd) server.
This issue is due to a failure in the server to do proper bounds checking on user-supplied data before using it in finite-sized buffers. An attacker can exploit this issue to execute arbitrary code in the context of the affected application.

Affected Products

Network Block Device NBD 2.8.2
Network Block Device NBD 2.8.1
Network Block Device NBD 2.8
Network Block Device NBD 2.7.5

Impact

Execution of arbitrary code in the context of the affected application.

Recommended Actions

Patch information
Network Block Device NBD 2.7.5
Network Block Device nbd-2.7.6.tar.bz2
* http://prdownloads.sourceforge.net/nbd/nbd-2.7.6.tar.bz2?download
Network Block Device NBD 2.8
Network Block Device nbd-2.8.3.tar.bz2
* http://prdownloads.sourceforge.net/nbd/nbd-2.8.3.tar.bz2?download
Network Block Device NBD 2.8.1
Network Block Device nbd-2.8.3.tar.bz2
* http://prdownloads.sourceforge.net/nbd/nbd-2.8.3.tar.bz2?download
Network Block Device NBD 2.8.2
Network Block Device nbd-2.8.3.tar.bz2
* http://prdownloads.sourceforge.net/nbd/nbd-2.8.3.tar.bz2?download

CVE References

CVE-2005-3534