Family: Gentoo Local Security Checks --> Category: infos
[GLSA-200512-14] NBD Tools: Buffer overflow in NBD server Vulnerability Scan
Vulnerability Scan Summary
NBD Tools: Buffer overflow in NBD server
Detailed Explanation for this Vulnerability Test
The remote host is affected by the vulnerability described in GLSA-200512-14
(NBD Tools: Buffer overflow in NBD server)
Kurt Fitzner discovered that the NBD server allocates a request
buffer that fails to take into account the size of the reply header.
A remote attacker could send a malicious request that can result
in the execution of arbitrary code with the rights of the NBD server.
There is no known workaround at this time.
All NBD Tools users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=sys-block/nbd-2.8.2-r1"
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.