Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Tue, 17 May 2011 15:56:03 -0400 (EDT)
From: Josh Bressers <>
Cc: coley <>
Subject: Re: CVE request: nbd-server

Please use CVE-2011-1925



----- Original Message -----
> Hi,
> In Debian the following was reported:
> nbd-server 2.9.21 has a NULL-pointer dereference in its negotiation
> phase, which allows unauthenticated users to DoS the server by causing
> the negotiation to fail (e.g., by specifying a non-existing name for
> an
> export).
> Filed as This affects only 2.9.21 so
> for us
> goes that only our unstable distribution is affected.
> We'd like to have a CVE name for this.
> Cheers,
> Thijs

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.