Vulnerabilities (CVE)

Filtered by vendor Netbsd Subscribe
Total 180 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2003-0914 9 Compaq, Freebsd, Hp and 6 more 10 Tru64, Freebsd, Hp-ux and 7 more 2024-11-20 4.3 MEDIUM N/A
ISC BIND 8.3.x before 8.3.7, and 8.4.x before 8.4.3, allows remote attackers to poison the cache via a malicious name server that returns negative responses with a large TTL (time-to-live) value.
CVE-2003-0730 2 Netbsd, Xfree86 Project 2 Netbsd, X11r6 2024-11-20 7.5 HIGH N/A
Multiple integer overflows in the font libraries for XFree86 4.3.0 allow local or remote attackers to cause a denial of service or execute arbitrary code via heap-based and stack-based buffer overflow attacks.
CVE-2003-0694 11 Apple, Compaq, Freebsd and 8 more 18 Mac Os X, Mac Os X Server, Tru64 and 15 more 2024-11-20 10.0 HIGH N/A
The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c.
CVE-2003-0681 8 Apple, Gentoo, Hp and 5 more 14 Mac Os X, Mac Os X Server, Linux and 11 more 2024-11-20 7.5 HIGH N/A
A "potential buffer overflow in ruleset parsing" for Sendmail 8.12.9, when using the nonstandard rulesets (1) recipient (2), final, or (3) mailer-specific envelope recipients, has unknown consequences.
CVE-2003-0653 1 Netbsd 1 Netbsd 2024-11-20 5.0 MEDIUM N/A
The OSI networking kernel (sys/netiso) in NetBSD 1.6.1 and earlier does not use a BSD-required "PKTHDR" mbuf when sending certain error responses to the sender of an OSI packet, which allows remote attackers to cause a denial of service (kernel panic or crash) via certain OSI packets.
CVE-2003-0466 7 Apple, Freebsd, Netbsd and 4 more 8 Mac Os X, Mac Os X Server, Freebsd and 5 more 2024-11-20 10.0 HIGH 9.8 CRITICAL
Off-by-one error in the fb_realpath() function, as derived from the realpath function in BSD, may allow attackers to execute arbitrary code, as demonstrated in wu-ftpd 2.5.0 through 2.6.2 via commands that cause pathnames of length MAXPATHLEN+1 to trigger a buffer overflow, including (1) STOR, (2) RETR, (3) APPE, (4) DELE, (5) MKD, (6) RMD, (7) STOU, or (8) RNTO.
CVE-2003-0102 2 File, Netbsd 2 File, Netbsd 2024-11-20 4.6 MEDIUM N/A
Buffer overflow in tryelf() in readelf.c of the file command allows attackers to execute arbitrary code as the user running file, possibly via a large entity size value in an ELF header (elfhdr.e_shentsize).
CVE-2003-0001 4 Freebsd, Linux, Microsoft and 1 more 5 Freebsd, Linux Kernel, Windows 2000 and 2 more 2024-11-20 5.0 MEDIUM N/A
Multiple ethernet Network Interface Card (NIC) device drivers do not pad frames with null bytes, which allows remote attackers to obtain information from previous packets or kernel memory by using malformed packets, as demonstrated by Etherleak.
CVE-2002-2245 1 Netbsd 1 Ftpd 2024-11-20 5.0 MEDIUM N/A
ftpd in NetBSD 1.5 through 1.5.3 and 1.6 does not properly quote a digit in response to a STAT command for a filename that contains a carriage return followed by a digit, which can cause firewalls and other intermediary devices to lose proper track of the FTP session.
CVE-2002-2092 3 Freebsd, Netbsd, Openbsd 3 Freebsd, Netbsd, Openbsd 2024-11-20 3.7 LOW N/A
Race condition in exec in OpenBSD 4.0 and earlier, NetBSD 1.5.2 and earlier, and FreeBSD 4.4 and earlier allows local users to gain privileges by attaching a debugger to a process before the kernel has determined that the process is setuid or setgid.
CVE-2002-1915 3 Freebsd, Netbsd, Openbsd 3 Freebsd, Netbsd, Openbsd 2024-11-20 2.1 LOW 5.5 MEDIUM
tip on multiple BSD-based operating systems allows local users to cause a denial of service (execution prevention) by using flock() to lock the /var/log/acculog file.
CVE-2002-1543 1 Netbsd 1 Netbsd 2024-11-20 4.6 MEDIUM N/A
Buffer overflow in trek on NetBSD 1.5 through 1.5.3 allows local users to gain privileges via long keyboard input.
CVE-2002-1500 1 Netbsd 1 Netbsd 2024-11-20 7.2 HIGH N/A
Buffer overflow in (1) mrinfo, (2) mtrace, and (3) pppd in NetBSD 1.4.x through 1.6 allows local users to gain privileges by executing the programs after filling the file descriptor tables, which produces file descriptors larger than FD_SETSIZE, which are not checked by FD_SET().
CVE-2002-1490 1 Netbsd 1 Netbsd 2024-11-20 2.1 LOW N/A
NetBSD 1.4 through 1.6 beta allows local users to cause a denial of service (kernel panic) via a series of calls to the TIOCSCTTY ioctl, which causes an integer overflow in a structure counter and sets the counter to zero, which frees memory that is still in use by other processes.
CVE-2002-1476 1 Netbsd 1 Netbsd 2024-11-20 4.6 MEDIUM N/A
Buffer overflow in setlocale in libc on NetBSD 1.4.x through 1.6, and possibly other operating systems, when called with the LC_ALL category, allows local attackers to execute arbitrary code via a user-controlled locale string that has more than 6 elements, which exceeds the boundaries of the new_categories category array, as exploitable through programs such as xterm and zsh.
CVE-2002-1337 7 Gentoo, Hp, Netbsd and 4 more 9 Linux, Alphaserver Sc, Hp-ux and 6 more 2024-11-20 10.0 HIGH N/A
Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote attackers to execute arbitrary code via certain formatted address fields, related to sender and recipient header comments as processed by the crackaddr function of headers.c.
CVE-2002-1194 1 Netbsd 1 Netbsd 2024-11-20 7.5 HIGH N/A
Buffer overflow in talkd on NetBSD 1.6 and earlier, and possibly other operating systems, may allow remote attackers to execute arbitrary code via a long inbound message.
CVE-2002-1192 2 Netbsd, Rogue 2 Netbsd, Rogue 2024-11-20 4.6 MEDIUM N/A
Multiple buffer overflows in rogue on NetBSD 1.6 and earlier, FreeBSD 4.6, and possibly other operating systems, allows local users to gain "games" group privileges via malformed entries in a game save file.
CVE-2002-1165 2 Netbsd, Sendmail 2 Netbsd, Sendmail 2024-11-20 4.6 MEDIUM N/A
Sendmail Consortium's Restricted Shell (SMRSH) in Sendmail 8.12.6, 8.11.6-15, and possibly other versions after 8.11 from 5/19/1998, allows attackers to bypass the intended restrictions of smrsh by inserting additional commands after (1) "||" sequences or (2) "/" characters, which are not properly filtered or verified.
CVE-2002-0666 6 Apple, Freebsd, Frees Wan and 3 more 12 Mac Os X, Mac Os X Server, Freebsd and 9 more 2024-11-20 5.0 MEDIUM N/A
IPSEC implementations including (1) FreeS/WAN and (2) KAME do not properly calculate the length of authentication data, which allows remote attackers to cause a denial of service (kernel panic) via spoofed, short Encapsulating Security Payload (ESP) packets, which result in integer signedness errors.