|
Family: Ubuntu Local Security Checks --> Category: infos
USN237-1 : nbd vulnerability Vulnerability Scan
Vulnerability Scan Summary nbd vulnerability
Detailed Explanation for this Vulnerability Test
Synopsis :
These remote packages are missing security patches :
- nbd-client
- nbd-server
Description :
Kurt Fitzner discovered that the NBD (network block device) server did
not correctly verify the maximum size of request packets. By sending
specially crafted large request packets, a remote attacker who is
allowed to access the server could exploit this to execute arbitrary
code with root rights.
Solution :
Upgrade to :
- nbd-client-2.7.4-1ubuntu0.1 (Ubuntu 5.10)
- nbd-server-2.7.4-1ubuntu0.1 (Ubuntu 5.10)
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|