CVE-2011-0530

EPSS 10.0%

nbd - arbitrary code execution

Published: 2/22/2011Modified: 4/28/2026

Description

Buffer overflow in the mainloop function in nbd-server.c in the server in Network Block Device (nbd) before 2.9.20 might allow remote attackers to execute arbitrary code via a long request. NOTE: this issue exists because of a CVE-2005-3534 regression.

Affected packages (2)

Debian/nbdfrom 0, < 1:2.9.16-8
Debian/nbdfrom 0, < 1:2.9.11-3lenny1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2011-0530