CVE-2013-7441

The modern style negotiation in Network Block Device (nbd-server) 2.9.22 through 3.3 allows remote attackers to cause a denial of service (root process termination) by (1) closing the connection during negotiation or (2) specifying a name for a non-existent export.

Affected Software

Name	Vendor	Start Version	End Version
Nbd	Wouter_verhelst	2.9.3 (including)	2.9.3 (including)
Nbd	Wouter_verhelst	2.9.4 (including)	2.9.4 (including)
Nbd	Wouter_verhelst	2.9.5 (including)	2.9.5 (including)
Nbd	Wouter_verhelst	2.9.6 (including)	2.9.6 (including)
Nbd	Wouter_verhelst	2.9.7 (including)	2.9.7 (including)
Nbd	Wouter_verhelst	2.9.8 (including)	2.9.8 (including)
Nbd	Wouter_verhelst	2.9.9 (including)	2.9.9 (including)
Nbd	Wouter_verhelst	2.9.22 (including)	2.9.22 (including)
Nbd	Wouter_verhelst	2.9.23 (including)	2.9.23 (including)
Nbd	Wouter_verhelst	2.9.24 (including)	2.9.24 (including)
Nbd	Wouter_verhelst	2.9.25 (including)	2.9.25 (including)
Nbd	Wouter_verhelst	3.0 (including)	3.0 (including)
Nbd	Wouter_verhelst	3.1 (including)	3.1 (including)
Nbd	Wouter_verhelst	3.1.1 (including)	3.1.1 (including)
Nbd	Wouter_verhelst	3.2 (including)	3.2 (including)
Nbd	Wouter_verhelst	3.3 (including)	3.3 (including)
Nbd	Ubuntu	precise	*
Nbd	Ubuntu	upstream	*

NVD	https://nvd.nist.gov/vuln/detail/CVE-2013-7441
CWE	https://cwe.mitre.org/data/definitions/399.html

Affected Software

References