CVE-2005-3534

N/A Unknown
Published: December 22, 2005 Modified: April 16, 2026
View on NVD

Description

Buffer overflow in the Network Block Device (nbd) server 2.7.5 and earlier, and 2.8.0 through 2.8.2, allows remote attackers to execute arbitrary code via a large request, which is written past the end of the buffer because nbd does not account for memory taken by the reply header.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
http://bugs.gentoo.org/show_bug.cgi?id=116314
Source: security@debian.org
http://secunia.com/advisories/18135
Source: security@debian.org
Vendor Advisory
http://secunia.com/advisories/18171
Source: security@debian.org
Patch Vendor Advisory
http://secunia.com/advisories/18209
Source: security@debian.org
Patch Vendor Advisory
http://secunia.com/advisories/18315
Source: security@debian.org
Patch Vendor Advisory
http://secunia.com/advisories/18503
Source: security@debian.org
Vendor Advisory
http://secunia.com/advisories/43353
Source: security@debian.org
http://secunia.com/advisories/43610
Source: security@debian.org
http://sourceforge.net/mailarchive/forum.php?thread_id=9201144&forum_id=40388
Source: security@debian.org
http://sourceforge.net/project/shownotes.php?release_id=380202&group_id=13229
Source: security@debian.org
Patch
http://sourceforge.net/project/shownotes.php?release_id=380210&group_id=13229
Source: security@debian.org
Patch
http://www.debian.org/security/2005/dsa-924
Source: security@debian.org
Patch Vendor Advisory
http://www.gentoo.org/security/en/glsa/glsa-200512-14.xml
Source: security@debian.org
Patch Vendor Advisory
http://www.osvdb.org/21848
Source: security@debian.org
Patch
http://www.securityfocus.com/bid/16029
Source: security@debian.org
Patch
https://usn.ubuntu.com/237-1/
Source: security@debian.org
http://bugs.gentoo.org/show_bug.cgi?id=116314
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/18135
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/18171
Source: af854a3a-2127-422b-91ae-364da2661108
Patch Vendor Advisory
http://secunia.com/advisories/18209
Source: af854a3a-2127-422b-91ae-364da2661108
Patch Vendor Advisory
http://secunia.com/advisories/18315
Source: af854a3a-2127-422b-91ae-364da2661108
Patch Vendor Advisory
http://secunia.com/advisories/18503
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/43353
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/43610
Source: af854a3a-2127-422b-91ae-364da2661108
http://sourceforge.net/mailarchive/forum.php?thread_id=9201144&forum_id=40388
Source: af854a3a-2127-422b-91ae-364da2661108
http://sourceforge.net/project/shownotes.php?release_id=380202&group_id=13229
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
http://sourceforge.net/project/shownotes.php?release_id=380210&group_id=13229
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
http://www.debian.org/security/2005/dsa-924
Source: af854a3a-2127-422b-91ae-364da2661108
Patch Vendor Advisory
http://www.gentoo.org/security/en/glsa/glsa-200512-14.xml
Source: af854a3a-2127-422b-91ae-364da2661108
Patch Vendor Advisory
http://www.osvdb.org/21848
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
http://www.securityfocus.com/bid/16029
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
https://usn.ubuntu.com/237-1/
Source: af854a3a-2127-422b-91ae-364da2661108

32 reference(s) from NVD

Quick Stats

CVSS v3 Score
N/A / 10.0
EPSS (Exploit Probability)
13.9%
94th percentile
Exploitation Status
Not in CISA KEV

Weaknesses (CWE)

CWE-119

Affected Vendors

wouter_verhelst

Related CVEs

CVE-2026-41279 N/A
CVE-2026-41278 N/A
CVE-2026-41277 N/A
CVE-2026-41276 N/A
CVE-2026-41275 N/A