Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Tue, 17 May 2011 10:38:20 +0200
From: "Thijs Kinkhorst" <thijs@...ian.org>
To: oss-security@...ts.openwall.com
Subject: CVE request: nbd-server 

Hi,

In Debian the following was reported:
nbd-server 2.9.21 has a NULL-pointer dereference in its negotiation
phase, which allows unauthenticated users to DoS the server by causing
the negotiation to fail (e.g., by specifying a non-existing name for an
export).

Filed as http://bugs.debian.org/627042. This affects only 2.9.21 so for us
goes that only our unstable distribution is affected.

We'd like to have a CVE name for this.


Cheers,
Thijs

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ