Vulnerability Description
nbd-server.c in Network Block Device (nbd-server) 2.9.21 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) by causing a negotiation failure, as demonstrated by specifying a name for a non-existent export.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Wouter Verhelst | Nbd | <= 2.9.21 |
References
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=627042.
- http://nbd.git.sourceforge.net/git/gitweb.cgi?p=nbd/nbd%3Ba=commitdiff%3Bh=ebbbe
- http://security.gentoo.org/glsa/glsa-201206-35.xml
- http://www.openwall.com/lists/oss-security/2011/05/17/1
- http://www.securityfocus.com/bid/47884
- https://exchange.xforce.ibmcloud.com/vulnerabilities/67502
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=627042.
- http://nbd.git.sourceforge.net/git/gitweb.cgi?p=nbd/nbd%3Ba=commitdiff%3Bh=ebbbe
- http://security.gentoo.org/glsa/glsa-201206-35.xml
- http://www.openwall.com/lists/oss-security/2011/05/17/1
- http://www.securityfocus.com/bid/47884
- https://exchange.xforce.ibmcloud.com/vulnerabilities/67502
FAQ
What is CVE-2011-1925?
CVE-2011-1925 is a vulnerability with a CVSS score of 5.0 (MEDIUM). nbd-server.c in Network Block Device (nbd-server) 2.9.21 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) by causing a negotiation failure, as demonstrated by ...
How severe is CVE-2011-1925?
CVE-2011-1925 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2011-1925?
Check the references section above for vendor advisories and patch information. Affected products include: Wouter Verhelst Nbd.