{ "modified": "2025-08-09T19:01:27Z", "published": "2005-12-22T21:03:00Z", "id": "CVE-2005-3534", "details": "Buffer overflow in the Network Block Device (nbd) server 2.7.5 and earlier, and 2.8.0 through 2.8.2, allows remote attackers to execute arbitrary code via a large request, which is written past the end of the buffer because nbd does not account for memory taken by the reply header.", "references": [ { "type": "ADVISORY", "url": "http://secunia.com/advisories/18135" }, { "type": "ADVISORY", "url": "http://secunia.com/advisories/18171" }, { "type": "ADVISORY", "url": "http://secunia.com/advisories/18209" }, { "type": "ADVISORY", "url": "http://secunia.com/advisories/18315" }, { "type": "ADVISORY", "url": "http://secunia.com/advisories/18503" }, { "type": "ADVISORY", "url": "http://secunia.com/advisories/43353" }, { "type": "ADVISORY", "url": "http://secunia.com/advisories/43610" }, { "type": "ADVISORY", "url": "http://www.debian.org/security/2005/dsa-924" }, { "type": "ADVISORY", "url": "http://www.gentoo.org/security/en/glsa/glsa-200512-14.xml" }, { "type": "FIX", "url": "http://secunia.com/advisories/18171" }, { "type": "FIX", "url": "http://secunia.com/advisories/18209" }, { "type": "FIX", "url": "http://secunia.com/advisories/18315" }, { "type": "FIX", "url": "http://sourceforge.net/project/shownotes.php?release_id=380202\u0026group_id=13229" }, { "type": "FIX", "url": "http://sourceforge.net/project/shownotes.php?release_id=380210\u0026group_id=13229" }, { "type": "FIX", "url": "http://www.debian.org/security/2005/dsa-924" }, { "type": "FIX", "url": "http://www.gentoo.org/security/en/glsa/glsa-200512-14.xml" }, { "type": "FIX", "url": "http://www.osvdb.org/21848" }, { "type": "FIX", "url": "http://www.securityfocus.com/bid/16029" }, { "type": "WEB", "url": "http://bugs.gentoo.org/show_bug.cgi?id=116314" }, { "type": "WEB", "url": "http://sourceforge.net/mailarchive/forum.php?thread_id=9201144\u0026forum_id=40388" }, { "type": "WEB", "url": "https://usn.ubuntu.com/237-1/" } ] }