ALT Linux Team

Package nbd update in p9 on 2020-11-02

ALT-PU-2020-3187-1

Package nbd updated to version 3.20-alt1 for branch p9 in task 260630.

Closed vulnerabilities

Published: 2013-12-07

BDU:2015-01947

Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Severity: HIGH (7.5) Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
References:
Published: 2013-12-07
Modified: 2025-04-11

CVE-2013-6410

nbd-server in Network Block Device (nbd) before 3.5 does not properly check IP addresses, which might allow remote attackers to bypass intended access restrictions via an IP address that has a partial match in the authfile configuration file.

Severity: HIGH (7.5) Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
References:
Published: 2015-05-29
Modified: 2025-04-12

CVE-2013-7441

The modern style negotiation in Network Block Device (nbd-server) 2.9.22 through 3.3 allows remote attackers to cause a denial of service (root process termination) by (1) closing the connection during negotiation or (2) specifying a name for a non-existent export.

Severity: HIGH (7.8) Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
References:
Published: 2015-05-29
Modified: 2025-04-12

CVE-2015-0847

nbd-server.c in Network Block Device (nbd-server) before 3.11 does not properly handle signals, which allows remote attackers to cause a denial of service (deadlock) via unspecified vectors.

Severity: HIGH (7.8) Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
References:
VKontakte | Telegram | YouTube | Forum | GitHub | Bugzilla
Version: 2.1.2
Back to top