oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: CVE request: nbd-server

From: Josh Bressers <bressers () redhat com>
Date: Tue, 17 May 2011 15:56:03 -0400 (EDT)
Please use CVE-2011-1925

Thanks.

-- 
    JB


----- Original Message -----

Hi,

In Debian the following was reported:
nbd-server 2.9.21 has a NULL-pointer dereference in its negotiation
phase, which allows unauthenticated users to DoS the server by causing
the negotiation to fail (e.g., by specifying a non-existing name for
an
export).

Filed as http://bugs.debian.org/627042. This affects only 2.9.21 so
for us
goes that only our unstable distribution is affected.

We'd like to have a CVE name for this.


Cheers,
Thijs
Previous By Date Next
Previous By Thread Next

Current thread: