CVE-2013-7441

Published May 29, 2015

Last updated 8 years ago

Overview

Description: The modern style negotiation in Network Block Device (nbd-server) 2.9.22 through 3.3 allows remote attackers to cause a denial of service (root process termination) by (1) closing the connection during negotiation or (2) specifying a name for a non-existent export.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 7.8
Impact score: 6.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:N/I:N/A:C

Weaknesses

nvd@nist.gov: CWE-399

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:wouter_verhelst:nbd:2.9.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "24E3411A-8602-4F5B-A9F1-7137D8F94971"
          },
          {
            "criteria": "cpe:2.3:a:wouter_verhelst:nbd:2.9.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DBF449CE-4E34-44AD-862D-B2BAD7C791A1"
          },
          {
            "criteria": "cpe:2.3:a:wouter_verhelst:nbd:2.9.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6DB987D9-1A61-4817-AD2A-D3CCD9D65FE5"
          },
          {
            "criteria": "cpe:2.3:a:wouter_verhelst:nbd:2.9.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "08C9410A-65DF-4095-85AF-D3AED4B8DBEA"
          },
          {
            "criteria": "cpe:2.3:a:wouter_verhelst:nbd:2.9.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D6E18B35-771D-4F90-B255-66799D1F4B05"
          },
          {
            "criteria": "cpe:2.3:a:wouter_verhelst:nbd:2.9.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0EAC7C30-4702-42EF-B5B8-657C562C4AAD"
          },
          {
            "criteria": "cpe:2.3:a:wouter_verhelst:nbd:2.9.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "391B2B7C-D466-4C40-A2FB-8BB405BAF79A"
          },
          {
            "criteria": "cpe:2.3:a:wouter_verhelst:nbd:2.9.22:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A93CA98E-49C3-4711-A8F2-E7F6C74A50C3"
          },
          {
            "criteria": "cpe:2.3:a:wouter_verhelst:nbd:2.9.23:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C5631F29-6017-4D56-AD40-DF251D748D82"
          },
          {
            "criteria": "cpe:2.3:a:wouter_verhelst:nbd:2.9.24:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "41D49EC8-5666-49E1-A9CC-2721572CC198"
          },
          {
            "criteria": "cpe:2.3:a:wouter_verhelst:nbd:2.9.25:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "265E94EF-BA8B-4907-AECF-A8EA32A682AC"
          },
          {
            "criteria": "cpe:2.3:a:wouter_verhelst:nbd:3.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B1CF11FA-495B-4A64-9E77-2609CBA9F527"
          },
          {
            "criteria": "cpe:2.3:a:wouter_verhelst:nbd:3.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3C8EDA04-8854-41B4-9FEA-5602F5627585"
          },
          {
            "criteria": "cpe:2.3:a:wouter_verhelst:nbd:3.1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "212A5449-2F91-40C1-8714-35F4B6C3671E"
          },
          {
            "criteria": "cpe:2.3:a:wouter_verhelst:nbd:3.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "15729EB2-2C46-4B8C-8D2E-7A6540908E41"
          },
          {
            "criteria": "cpe:2.3:a:wouter_verhelst:nbd:3.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D84A04C9-6DB8-40A4-BD60-6D95BE3837B5"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References