CVE-2011-0530
nbd - arbitrary code execution
EPSS 10.0%
Description
Buffer overflow in the mainloop function in nbd-server.c in the server in Network Block Device (nbd) before 2.9.20 might allow remote attackers to execute arbitrary code via a long request. NOTE: this issue exists because of a CVE-2005-3534 regression.
How to fix CVE-2011-0530
To remediate CVE-2011-0530, upgrade the affected package to a fixed version below.
- Debian/nbd: upgrade to 1:2.9.16-8 or later
- Debian/nbd: upgrade to 1:2.9.11-3lenny1 or later
Is CVE-2011-0530 being exploited?
Moderate — EPSS is 10.0%. Track this CVE but it's not at the top of the prioritisation list.
Affected packages (2)
- Debian/nbd: from 0, < 1:2.9.16-8
- Debian/nbd: from 0, < 1:2.9.11-3lenny1