Unrated severityNVD Advisory· Published Dec 22, 2005· Updated Apr 16, 2026
CVE-2005-3534
CVE-2005-3534
Description
Buffer overflow in the Network Block Device (nbd) server 2.7.5 and earlier, and 2.8.0 through 2.8.2, allows remote attackers to execute arbitrary code via a large request, which is written past the end of the buffer because nbd does not account for memory taken by the reply header.
Affected products
3cpe:2.3:a:wouter_verhelst:nbd:*:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:wouter_verhelst:nbd:*:*:*:*:*:*:*:*range: <=2.7.5
- cpe:2.3:a:wouter_verhelst:nbd:2.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:wouter_verhelst:nbd:2.8.2:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
16- secunia.com/advisories/18171nvdPatchVendor Advisory
- secunia.com/advisories/18209nvdPatchVendor Advisory
- secunia.com/advisories/18315nvdPatchVendor Advisory
- sourceforge.net/project/shownotes.phpnvdPatch
- sourceforge.net/project/shownotes.phpnvdPatch
- www.debian.org/security/2005/dsa-924nvdPatchVendor Advisory
- www.gentoo.org/security/en/glsa/glsa-200512-14.xmlnvdPatchVendor Advisory
- www.osvdb.org/21848nvdPatch
- www.securityfocus.com/bid/16029nvdPatch
- secunia.com/advisories/18135nvdVendor Advisory
- secunia.com/advisories/18503nvdVendor Advisory
- bugs.gentoo.org/show_bug.cginvd
- secunia.com/advisories/43353nvd
- secunia.com/advisories/43610nvd
- sourceforge.net/mailarchive/forum.phpnvd
- usn.ubuntu.com/237-1/nvd
News mentions
0No linked articles in our index yet.