Vulnerabilities (CVE)

Filtered by vendor Netbsd Subscribe
Filtered by product Netbsd
Total 176 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2000-0157 1 Netbsd 1 Netbsd 2024-02-28 7.2 HIGH N/A
NetBSD ptrace call on VAX allows local users to gain privileges by modifying the PSL contents in the debugging process.
CVE-1999-0085 3 Freebsd, Ibm, Netbsd 3 Freebsd, Aix, Netbsd 2024-02-28 7.5 HIGH N/A
Buffer overflow in rwhod on AIX and other operating systems allows remote attackers to execute arbitrary code via a UDP packet with a long hostname.
CVE-2002-1490 1 Netbsd 1 Netbsd 2024-02-28 2.1 LOW N/A
NetBSD 1.4 through 1.6 beta allows local users to cause a denial of service (kernel panic) via a series of calls to the TIOCSCTTY ioctl, which causes an integer overflow in a structure counter and sets the counter to zero, which frees memory that is still in use by other processes.
CVE-2000-1208 4 Immunix, Netbsd, Openbsd and 1 more 4 Immunix, Netbsd, Openbsd and 1 more 2024-02-28 7.2 HIGH N/A
Format string vulnerability in startprinting() function of printjob.c in BSD-based lpr lpd package may allow local users to gain privileges via an improper syslog call that uses format strings from the checkremote() call.
CVE-2002-0414 3 Freebsd, Netbsd, Openbsd 3 Freebsd, Netbsd, Openbsd 2024-02-28 7.5 HIGH N/A
KAME-derived implementations of IPsec on NetBSD 1.5.2, FreeBSD 4.5, and other operating systems, does not properly consult the Security Policy Database (SPD), which could cause a Security Gateway (SG) that does not use Encapsulating Security Payload (ESP) to forward forged IPv4 packets.
CVE-2004-1323 1 Netbsd 1 Netbsd 2024-02-28 2.1 LOW N/A
Multiple syscalls in the compat subsystem for NetBSD before 2.0 allow local users to cause a denial of service (kernel crash) via a large signal number to (1) xxx_sys_kill, (2) xxx_sys_sigaction, and possibly other translation functions.
CVE-1999-1518 2 Freebsd, Netbsd 2 Freebsd, Netbsd 2024-02-28 5.0 MEDIUM N/A
Operating systems with shared memory implementations based on BSD 4.4 code allow a user to conduct a denial of service and bypass memory limits (e.g., as specified with rlimits) using mmap or shmget to allocate memory and cause page faults.
CVE-2001-0033 2 Kth, Netbsd 2 Kth Kerberos, Netbsd 2024-02-28 7.2 HIGH N/A
KTH Kerberos IV allows local users to change the configuration of a Kerberos server running at an elevated privilege by specifying an alternate directory using with the KRBCONFDIR environmental variable, which allows the user to gain additional privileges.
CVE-2003-1289 2 Freebsd, Netbsd 2 Freebsd, Netbsd 2024-02-28 2.1 LOW N/A
The iBCS2 system call translator for statfs in NetBSD 1.5 through 1.5.3 and FreeBSD 4 up to 4.8-RELEASE-p2 and 5 up to 5.1-RELEASE-p1 allows local users to read portions of kernel memory (memory disclosure) via a large length parameter, which copies additional kernel memory into userland memory.
CVE-2002-1194 1 Netbsd 1 Netbsd 2024-02-28 7.5 HIGH N/A
Buffer overflow in talkd on NetBSD 1.6 and earlier, and possibly other operating systems, may allow remote attackers to execute arbitrary code via a long inbound message.
CVE-1999-0367 1 Netbsd 1 Netbsd 2024-02-28 2.1 LOW N/A
NetBSD netstat command allows local users to access kernel memory.
CVE-2001-0710 2 Freebsd, Netbsd 2 Freebsd, Netbsd 2024-02-28 5.0 MEDIUM N/A
NetBSD 1.5 and earlier and FreeBSD 4.3 and earlier allows a remote attacker to cause a denial of service by sending a large number of IP fragments to the machine, exhausting the mbuf pool.
CVE-1999-0628 4 Freebsd, Ibm, Linux and 1 more 4 Freebsd, Aix, Linux Kernel and 1 more 2024-02-28 5.0 MEDIUM N/A
The rwho/rwhod service is running, which exposes machine status and user information.
CVE-2002-1543 1 Netbsd 1 Netbsd 2024-02-28 4.6 MEDIUM N/A
Buffer overflow in trek on NetBSD 1.5 through 1.5.3 allows local users to gain privileges via long keyboard input.
CVE-2001-1244 7 Freebsd, Hp, Linux and 4 more 9 Freebsd, Hp-ux, Vvos and 6 more 2024-02-28 5.0 MEDIUM N/A
Multiple TCP implementations could allow remote attackers to cause a denial of service (bandwidth and CPU exhaustion) by setting the maximum segment size (MSS) to a very small number and requesting large amounts of data, which generates more packets with less TCP-level data that amplify network traffic and consume more server CPU to process.
CVE-1999-0297 5 Bsdi, Freebsd, Netbsd and 2 more 5 Bsd Os, Freebsd, Netbsd and 2 more 2024-02-28 7.2 HIGH N/A
Buffer overflow in Vixie Cron library up to version 3.0 allows local users to obtain root access via a long environmental variable.
CVE-2003-0914 9 Compaq, Freebsd, Hp and 6 more 10 Tru64, Freebsd, Hp-ux and 7 more 2024-02-28 4.3 MEDIUM N/A
ISC BIND 8.3.x before 8.3.7, and 8.4.x before 8.4.3, allows remote attackers to poison the cache via a malicious name server that returns negative responses with a large TTL (time-to-live) value.
CVE-2002-1915 3 Freebsd, Netbsd, Openbsd 3 Freebsd, Netbsd, Openbsd 2024-02-28 2.1 LOW 5.5 MEDIUM
tip on multiple BSD-based operating systems allows local users to cause a denial of service (execution prevention) by using flock() to lock the /var/log/acculog file.
CVE-2000-0751 3 Netbsd, Openbsd, Redhat 3 Netbsd, Openbsd, Linux 2024-02-28 7.5 HIGH N/A
mopd (Maintenance Operations Protocol loader daemon) does not properly cleanse user-injected format strings, which allows remote attackers to execute arbitrary commands.
CVE-2003-0466 7 Apple, Freebsd, Netbsd and 4 more 8 Mac Os X, Mac Os X Server, Freebsd and 5 more 2024-02-28 10.0 HIGH 9.8 CRITICAL
Off-by-one error in the fb_realpath() function, as derived from the realpath function in BSD, may allow attackers to execute arbitrary code, as demonstrated in wu-ftpd 2.5.0 through 2.6.2 via commands that cause pathnames of length MAXPATHLEN+1 to trigger a buffer overflow, including (1) STOR, (2) RETR, (3) APPE, (4) DELE, (5) MKD, (6) RMD, (7) STOU, or (8) RNTO.