Submitted by KeesCook on Fri, 2006-01-06 12:04
Referenced CVEs:
CVE-2005-3534
Description:
===========================================================
Ubuntu Security Notice USN-237-1 January 06, 2006
nbd vulnerability
CVE-2005-3534
===========================================================
A security issue affects the following Ubuntu releases:

Ubuntu 5.10 (Breezy Badger)

The following packages are affected:

nbd-server

The problem can be corrected by upgrading the affected package to
version 1:2.7.4-1ubuntu0.1. In general, a standard system upgrade is
sufficient to effect the necessary changes.

Details follow:

Kurt Fitzner discovered that the NBD (network block device) server did
not correctly verify the maximum size of request packets. By sending
specially crafted large request packets, a remote attacker who is
allowed to access the server could exploit this to execute arbitrary
code with root privileges.
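
An added example, not code from nbd-server or from this notice: one way a server can bound the length field of an NBD request before any payload is read into a fixed buffer, extended slightly to also range-check the offset without integer wrap-around. The header layout and request magic follow the NBD wire protocol; the buffer size, the assumption that the buffer also carries the reply header, the 1 GiB export and all function names are assumptions made for this illustration.

```c
#include <stddef.h>
#include <stdint.h>

#define NBD_REQUEST_MAGIC 0x25609513u    /* request magic in the NBD wire protocol */
#define NBD_REQ_HDR_LEN   28             /* magic(4) type(4) handle(8) from(8) len(4) */
#define NBD_REPLY_HDR_LEN 16             /* magic(4) error(4) handle(8) */
#define XFER_BUF_SIZE     (128u * 1024u) /* assumption: size of the transfer buffer */

enum req_status { REQ_OK, REQ_SHORT, REQ_BAD_MAGIC, REQ_TOO_BIG, REQ_OUT_OF_RANGE };

static uint32_t be32(const unsigned char *p)
{
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8) | (uint32_t)p[3];
}

static uint64_t be64(const unsigned char *p)
{
    return ((uint64_t)be32(p) << 32) | be32(p + 4);
}

/* Validate a request header before any payload is read into the buffer.
 * Assumption: the buffer also holds the reply header, so the usable data
 * area is XFER_BUF_SIZE - NBD_REPLY_HDR_LEN, not XFER_BUF_SIZE. */
enum req_status nbd_check_request(const unsigned char *hdr, size_t hdr_len,
                                  uint64_t export_size)
{
    if (hdr_len < NBD_REQ_HDR_LEN) return REQ_SHORT;
    if (be32(hdr) != NBD_REQUEST_MAGIC) return REQ_BAD_MAGIC;
    uint64_t from = be64(hdr + 16);
    uint32_t len = be32(hdr + 24);
    if (len > XFER_BUF_SIZE - NBD_REPLY_HDR_LEN) return REQ_TOO_BIG;
    /* Written so that from + len is never computed and cannot wrap. */
    if (from > export_size || len > export_size - from) return REQ_OUT_OF_RANGE;
    return REQ_OK;
}

/* Build a constructed sample header and run the check on it. */
enum req_status check_sample(uint32_t magic, uint64_t from, uint32_t len)
{
    unsigned char h[NBD_REQ_HDR_LEN] = {0};
    for (int i = 0; i < 4; i++) {
        h[i] = (unsigned char)(magic >> (24 - 8 * i));
        h[24 + i] = (unsigned char)(len >> (24 - 8 * i));
    }
    for (int i = 0; i < 8; i++)
        h[16 + i] = (unsigned char)(from >> (56 - 8 * i));
    return nbd_check_request(h, sizeof h, 1u << 30);  /* assumed 1 GiB export */
}
```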


