Vulnerabilities (CVE)

Filtered by vendor Netbsd Subscribe
Total 180 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2002-0414 3 Freebsd, Netbsd, Openbsd 3 Freebsd, Netbsd, Openbsd 2024-11-20 7.5 HIGH N/A
KAME-derived implementations of IPsec on NetBSD 1.5.2, FreeBSD 4.5, and other operating systems, does not properly consult the Security Policy Database (SPD), which could cause a Security Gateway (SG) that does not use Encapsulating Security Payload (ESP) to forward forged IPv4 packets.
CVE-2002-0381 3 Freebsd, Netbsd, Openbsd 3 Freebsd, Netbsd, Openbsd 2024-11-20 5.0 MEDIUM N/A
The TCP implementation in various BSD operating systems (tcp_input.c) does not properly block connections to broadcast addresses, which could allow remote attackers to bypass intended filters via packets with a unicast link layer address and an IP broadcast address.
CVE-2002-0004 8 Caldera, Debian, Freebsd and 5 more 9 Openlinux Server, Openlinux Workstation, Debian Linux and 6 more 2024-11-20 7.2 HIGH N/A
Heap corruption vulnerability in the "at" program allows local users to execute arbitrary code via a malformed execution time, which causes at to free the same memory twice.
CVE-2001-1244 7 Freebsd, Hp, Linux and 4 more 9 Freebsd, Hp-ux, Vvos and 6 more 2024-11-20 5.0 MEDIUM N/A
Multiple TCP implementations could allow remote attackers to cause a denial of service (bandwidth and CPU exhaustion) by setting the maximum segment size (MSS) to a very small number and requesting large amounts of data, which generates more packets with less TCP-level data that amplify network traffic and consume more server CPU to process.
CVE-2001-1145 3 Freebsd, Netbsd, Openbsd 3 Freebsd, Netbsd, Openbsd 2024-11-20 6.2 MEDIUM N/A
fts routines in FreeBSD 4.3 and earlier, NetBSD before 1.5.2, and OpenBSD 2.9 and earlier can be forced to change (chdir) into a different directory than intended when the directory above the current directory is moved, which could cause scripts to perform dangerous actions on the wrong directories.
CVE-2001-1091 1 Netbsd 1 Netbsd 2024-11-20 7.2 HIGH N/A
The (1) dump and (2) dump_lfs commands in NetBSD 1.4.x through 1.5.1 do not properly drop privileges, which could allow local users to gain privileges via the RCMD_CMD environment variable.
CVE-2001-0993 1 Netbsd 1 Netbsd 2024-11-20 2.1 LOW N/A
sendmsg function in NetBSD 1.3 through 1.5 allows local users to cause a denial of service (kernel trap or panic) via a msghdr structure with a large msg_controllen length.
CVE-2001-0734 1 Netbsd 1 Netbsd 2024-11-20 7.2 HIGH N/A
Hitachi Super-H architecture in NetBSD 1.5 and 1.4.1 allows a local user to gain privileges via modified Status Register contents, which are not properly handled by (1) the sigreturn system call or (2) the process_write_regs kernel routine.
CVE-2001-0710 2 Freebsd, Netbsd 2 Freebsd, Netbsd 2024-11-20 5.0 MEDIUM N/A
NetBSD 1.5 and earlier and FreeBSD 4.3 and earlier allows a remote attacker to cause a denial of service by sending a large number of IP fragments to the machine, exhausting the mbuf pool.
CVE-2001-0670 4 Bsd, Freebsd, Netbsd and 1 more 4 Bsd, Freebsd, Netbsd and 1 more 2024-11-20 7.5 HIGH N/A
Buffer overflow in BSD line printer daemon (in.lpd or lpd) in various BSD-based operating systems allows remote attackers to execute arbitrary code via an incomplete print job followed by a request to display the printer queue.
CVE-2001-0554 9 Debian, Freebsd, Ibm and 6 more 11 Debian Linux, Freebsd, Aix and 8 more 2024-11-20 10.0 HIGH N/A
Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function.
CVE-2001-0268 2 Netbsd, Openbsd 2 Netbsd, Openbsd 2024-11-20 7.2 HIGH N/A
The i386_set_ldt system call in NetBSD 1.5 and earlier, and OpenBSD 2.8 and earlier, when the USER_LDT kernel option is enabled, does not validate a call gate target, which allows local users to gain root privileges by creating a segment call gate in the Local Descriptor Table (LDT) with a target that specifies an arbitrary kernel address.
CVE-2001-0247 5 Freebsd, Mit, Netbsd and 2 more 5 Freebsd, Kerberos 5, Netbsd and 2 more 2024-11-20 10.0 HIGH N/A
Buffer overflows in BSD-based FTP servers allows remote attackers to execute arbitrary commands via a long pattern string containing a {} sequence, as seen in (1) g_opendir, (2) g_lstat, (3) g_stat, and (4) the glob0 buffer as used in the glob functions glob2 and glob3.
CVE-2001-0053 3 David Madore, Netbsd, Openbsd 3 Ftpd-bsd, Netbsd, Openbsd 2024-11-20 10.0 HIGH N/A
One-byte buffer overflow in replydirname function in BSD-based ftpd allows remote attackers to gain root privileges.
CVE-2001-0033 2 Kth, Netbsd 2 Kth Kerberos, Netbsd 2024-11-20 7.2 HIGH N/A
KTH Kerberos IV allows local users to change the configuration of a Kerberos server running at an elevated privilege by specifying an alternate directory using with the KRBCONFDIR environmental variable, which allows the user to gain additional privileges.
CVE-2000-1208 4 Immunix, Netbsd, Openbsd and 1 more 4 Immunix, Netbsd, Openbsd and 1 more 2024-11-20 7.2 HIGH N/A
Format string vulnerability in startprinting() function of printjob.c in BSD-based lpr lpd package may allow local users to gain privileges via an improper syslog call that uses format strings from the checkremote() call.
CVE-2000-0997 2 Netbsd, Openbsd 2 Netbsd, Openbsd 2024-11-20 7.2 HIGH N/A
Format string vulnerabilities in eeprom program in OpenBSD, NetBSD, and possibly other operating systems allows local attackers to gain root privileges.
CVE-2000-0993 3 Freebsd, Netbsd, Openbsd 3 Freebsd, Netbsd, Openbsd 2024-11-20 7.2 HIGH N/A
Format string vulnerability in pw_error function in BSD libutil library allows local users to gain root privileges via a malformed password in commands such as chpass or passwd.
CVE-2000-0751 3 Netbsd, Openbsd, Redhat 3 Netbsd, Openbsd, Linux 2024-11-20 7.5 HIGH N/A
mopd (Maintenance Operations Protocol loader daemon) does not properly cleanse user-injected format strings, which allows remote attackers to execute arbitrary commands.
CVE-2000-0750 3 Netbsd, Openbsd, Redhat 3 Netbsd, Openbsd, Linux 2024-11-20 7.5 HIGH N/A
Buffer overflow in mopd (Maintenance Operations Protocol loader daemon) allows remote attackers to execute arbitrary commands via a long file name.