Filtered by vendor Netbsd
Subscribe
Total
179 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2002-2245 | 1 Netbsd | 1 Ftpd | 2023-12-10 | 5.0 MEDIUM | N/A |
ftpd in NetBSD 1.5 through 1.5.3 and 1.6 does not properly quote a digit in response to a STAT command for a filename that contains a carriage return followed by a digit, which can cause firewalls and other intermediary devices to lose proper track of the FTP session. | |||||
CVE-2003-0653 | 1 Netbsd | 1 Netbsd | 2023-12-10 | 5.0 MEDIUM | N/A |
The OSI networking kernel (sys/netiso) in NetBSD 1.6.1 and earlier does not use a BSD-required "PKTHDR" mbuf when sending certain error responses to the sender of an OSI packet, which allows remote attackers to cause a denial of service (kernel panic or crash) via certain OSI packets. | |||||
CVE-2001-0670 | 4 Bsd, Freebsd, Netbsd and 1 more | 4 Bsd, Freebsd, Netbsd and 1 more | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflow in BSD line printer daemon (in.lpd or lpd) in various BSD-based operating systems allows remote attackers to execute arbitrary code via an incomplete print job followed by a request to display the printer queue. | |||||
CVE-1999-0017 | 9 Caldera, Freebsd, Gnu and 6 more | 11 Openlinux, Freebsd, Inet and 8 more | 2023-12-10 | 7.5 HIGH | N/A |
FTP servers can allow an attacker to connect to arbitrary ports on machines other than the FTP client, aka FTP bounce. | |||||
CVE-1999-0009 | 11 Bsdi, Caldera, Data General and 8 more | 13 Bsd Os, Openlinux, Dg Ux and 10 more | 2023-12-10 | 10.0 HIGH | N/A |
Inverse query buffer overflow in BIND 4.9 and BIND 8 Releases. | |||||
CVE-2002-0004 | 8 Caldera, Debian, Freebsd and 5 more | 9 Openlinux Server, Openlinux Workstation, Debian Linux and 6 more | 2023-12-10 | 7.2 HIGH | N/A |
Heap corruption vulnerability in the "at" program allows local users to execute arbitrary code via a malformed execution time, which causes at to free the same memory twice. | |||||
CVE-2000-0461 | 2 Freebsd, Netbsd | 2 Freebsd, Netbsd | 2023-12-10 | 2.1 LOW | N/A |
The undocumented semconfig system call in BSD freezes the state of semaphores, which allows local users to cause a denial of service of the semaphore system by using the semconfig call. | |||||
CVE-1999-0420 | 1 Netbsd | 1 Umapfs | 2023-12-10 | 7.2 HIGH | N/A |
umapfs allows local users to gain root privileges by changing their uid through a malicious mount_umap program. | |||||
CVE-2001-0993 | 1 Netbsd | 1 Netbsd | 2023-12-10 | 2.1 LOW | N/A |
sendmsg function in NetBSD 1.3 through 1.5 allows local users to cause a denial of service (kernel trap or panic) via a msghdr structure with a large msg_controllen length. | |||||
CVE-2001-0247 | 5 Freebsd, Mit, Netbsd and 2 more | 5 Freebsd, Kerberos 5, Netbsd and 2 more | 2023-12-10 | 10.0 HIGH | N/A |
Buffer overflows in BSD-based FTP servers allows remote attackers to execute arbitrary commands via a long pattern string containing a {} sequence, as seen in (1) g_opendir, (2) g_lstat, (3) g_stat, and (4) the glob0 buffer as used in the glob functions glob2 and glob3. | |||||
CVE-1999-1214 | 5 Bsd, Freebsd, Netbsd and 2 more | 5 Bsd, Freebsd, Netbsd and 2 more | 2023-12-10 | 2.1 LOW | N/A |
The asynchronous I/O facility in 4.4 BSD kernel does not check user credentials when setting the recipient of I/O notification, which allows local users to cause a denial of service by using certain ioctl and fcntl calls to cause the signal to be sent to an arbitrary process ID. | |||||
CVE-1999-0446 | 1 Netbsd | 1 Netbsd | 2023-12-10 | 2.1 LOW | N/A |
Local users can perform a denial of service in NetBSD 1.3.3 and earlier versions by creating an unusual symbolic link with the ln command, triggering a bug in VFS. | |||||
CVE-2000-0751 | 3 Netbsd, Openbsd, Redhat | 3 Netbsd, Openbsd, Linux | 2023-12-10 | 7.5 HIGH | N/A |
mopd (Maintenance Operations Protocol loader daemon) does not properly cleanse user-injected format strings, which allows remote attackers to execute arbitrary commands. | |||||
CVE-1999-0466 | 1 Netbsd | 1 Netbsd | 2023-12-10 | 7.2 HIGH | N/A |
The SVR4 /dev/wabi special device file in NetBSD 1.3.3 and earlier allows a local user to read or write arbitrary files on the disk associated with that device. | |||||
CVE-2002-1490 | 1 Netbsd | 1 Netbsd | 2023-12-10 | 2.1 LOW | N/A |
NetBSD 1.4 through 1.6 beta allows local users to cause a denial of service (kernel panic) via a series of calls to the TIOCSCTTY ioctl, which causes an integer overflow in a structure counter and sets the counter to zero, which frees memory that is still in use by other processes. | |||||
CVE-1999-0367 | 1 Netbsd | 1 Netbsd | 2023-12-10 | 2.1 LOW | N/A |
NetBSD netstat command allows local users to access kernel memory. | |||||
CVE-1999-0764 | 1 Netbsd | 1 Netbsd | 2023-12-10 | 6.4 MEDIUM | N/A |
NetBSD allows ARP packets to overwrite static ARP entries. | |||||
CVE-2004-0230 | 6 Juniper, Mcafee, Netbsd and 3 more | 7 Junos, Network Data Loss Prevention, Netbsd and 4 more | 2023-12-10 | 5.0 MEDIUM | N/A |
TCP, when using a large Window Size, makes it easier for remote attackers to guess sequence numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet, especially in protocols that use long-lived connections, such as BGP. | |||||
CVE-2000-0489 | 3 Freebsd, Netbsd, Openbsd | 3 Freebsd, Netbsd, Openbsd | 2023-12-10 | 2.1 LOW | N/A |
FreeBSD, NetBSD, and OpenBSD allow an attacker to cause a denial of service by creating a large number of socket pairs using the socketpair function, setting a large buffer size via setsockopt, then writing large buffers. | |||||
CVE-2002-1500 | 1 Netbsd | 1 Netbsd | 2023-12-10 | 7.2 HIGH | N/A |
Buffer overflow in (1) mrinfo, (2) mtrace, and (3) pppd in NetBSD 1.4.x through 1.6 allows local users to gain privileges by executing the programs after filling the file descriptor tables, which produces file descriptors larger than FD_SETSIZE, which are not checked by FD_SET(). |