USN-238-1: Blender vulnerability
6 January 2006
Blender vulnerability
Releases
Details
Kurt Fitzner discovered that the NBD (network block device) server did
not correctly verify the maximum size of request packets. By sending
specially crafted large request packets, a remote attacker who is
allowed to access the server could exploit this to execute arbitrary
code with root privileges.
Update instructions
The problem can be corrected by updating your system to the following package versions:
Ubuntu 5.10
-
blender
-
In general, a standard system update will make all the necessary changes.