oss-sec mailing list archives
Re: CVE request: nbd-server
From: Josh Bressers <bressers () redhat com>
Date: Tue, 17 May 2011 15:56:03 -0400 (EDT)
Please use CVE-2011-1925 Thanks. -- JB ----- Original Message -----
Hi, In Debian the following was reported: nbd-server 2.9.21 has a NULL-pointer dereference in its negotiation phase, which allows unauthenticated users to DoS the server by causing the negotiation to fail (e.g., by specifying a non-existing name for an export). Filed as http://bugs.debian.org/627042. This affects only 2.9.21 so for us goes that only our unstable distribution is affected. We'd like to have a CVE name for this. Cheers, Thijs
Current thread:
- CVE request: nbd-server Thijs Kinkhorst (May 17)
- Re: CVE request: nbd-server Vincent Danen (May 17)
- Re: CVE request: nbd-server Wouter Verhelst (May 17)
- Re: CVE request: nbd-server Vincent Danen (May 17)
- Re: CVE request: nbd-server Wouter Verhelst (May 17)
- Re: CVE request: nbd-server Josh Bressers (May 17)
- Re: CVE request: nbd-server Vincent Danen (May 17)