Date: Tue, 17 May 2011 10:38:20 +0200 From: "Thijs Kinkhorst" <thijs@...ian.org> To: oss-security@...ts.openwall.com Subject: CVE request: nbd-server Hi, In Debian the following was reported: nbd-server 2.9.21 has a NULL-pointer dereference in its negotiation phase, which allows unauthenticated users to DoS the server by causing the negotiation to fail (e.g., by specifying a non-existing name for an export). Filed as http://bugs.debian.org/627042. This affects only 2.9.21 so for us goes that only our unstable distribution is affected. We'd like to have a CVE name for this. Cheers, Thijs
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ