CVE-2013-6410

EPSS 0.32%

nbd - privilege escalation

Published: 12/7/2013Modified: 4/28/2026

Also known as:DEBIAN-CVE-2013-6410

Description

nbd-server in Network Block Device (nbd) before 3.5 does not properly check IP addresses, which might allow remote attackers to bypass intended access restrictions via an IP address that has a partial match in the authfile configuration file.

Affected packages (2)

Debian/nbdfrom 0, < 1:3.5-1
Debian/nbdfrom 0, < 1:2.9.16-8+squeeze1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2013-6410