Filtered by vendor Netbsd
Subscribe
Total
179 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2001-0734 | 1 Netbsd | 1 Netbsd | 2023-12-10 | 7.2 HIGH | N/A |
Hitachi Super-H architecture in NetBSD 1.5 and 1.4.1 allows a local user to gain privileges via modified Status Register contents, which are not properly handled by (1) the sigreturn system call or (2) the process_write_regs kernel routine. | |||||
CVE-1999-0763 | 1 Netbsd | 1 Netbsd | 2023-12-10 | 6.4 MEDIUM | N/A |
NetBSD on a multi-homed host allows ARP packets on one network to modify ARP entries on another connected network. | |||||
CVE-1999-0011 | 8 Data General, Ibm, Isc and 5 more | 11 Dg Ux, Aix, Bind and 8 more | 2023-12-10 | 10.0 HIGH | N/A |
Denial of Service vulnerabilities in BIND 4.9 and BIND 8 Releases via CNAME record and zone transfer. | |||||
CVE-2000-0092 | 3 Freebsd, Netbsd, Openbsd | 3 Freebsd, Netbsd, Openbsd | 2023-12-10 | 6.2 MEDIUM | N/A |
The BSD make program allows local users to modify files via a symlink attack when the -j option is being used. | |||||
CVE-2001-0053 | 3 David Madore, Netbsd, Openbsd | 3 Ftpd-bsd, Netbsd, Openbsd | 2023-12-10 | 10.0 HIGH | N/A |
One-byte buffer overflow in replydirname function in BSD-based ftpd allows remote attackers to gain root privileges. | |||||
CVE-2002-1192 | 2 Netbsd, Rogue | 2 Netbsd, Rogue | 2023-12-10 | 4.6 MEDIUM | N/A |
Multiple buffer overflows in rogue on NetBSD 1.6 and earlier, FreeBSD 4.6, and possibly other operating systems, allows local users to gain "games" group privileges via malformed entries in a game save file. | |||||
CVE-1999-0085 | 3 Freebsd, Ibm, Netbsd | 3 Freebsd, Aix, Netbsd | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflow in rwhod on AIX and other operating systems allows remote attackers to execute arbitrary code via a UDP packet with a long hostname. | |||||
CVE-1999-0628 | 4 Freebsd, Ibm, Linux and 1 more | 4 Freebsd, Aix, Linux Kernel and 1 more | 2023-12-10 | 5.0 MEDIUM | N/A |
The rwho/rwhod service is running, which exposes machine status and user information. | |||||
CVE-2002-0381 | 3 Freebsd, Netbsd, Openbsd | 3 Freebsd, Netbsd, Openbsd | 2023-12-10 | 5.0 MEDIUM | N/A |
The TCP implementation in various BSD operating systems (tcp_input.c) does not properly block connections to broadcast addresses, which could allow remote attackers to bypass intended filters via packets with a unicast link layer address and an IP broadcast address. | |||||
CVE-2004-0257 | 2 Netbsd, Openbsd | 2 Netbsd, Openbsd | 2023-12-10 | 5.0 MEDIUM | N/A |
OpenBSD 3.4 and NetBSD 1.6 and 1.6.1 allow remote attackers to cause a denial of service (crash) by sending an IPv6 packet with a small MTU to a listening port and then issuing a TCP connect to that port. | |||||
CVE-2003-0730 | 2 Netbsd, Xfree86 Project | 2 Netbsd, X11r6 | 2023-12-10 | 7.5 HIGH | N/A |
Multiple integer overflows in the font libraries for XFree86 4.3.0 allow local or remote attackers to cause a denial of service or execute arbitrary code via heap-based and stack-based buffer overflow attacks. | |||||
CVE-2003-0001 | 4 Freebsd, Linux, Microsoft and 1 more | 5 Freebsd, Linux Kernel, Windows 2000 and 2 more | 2023-12-10 | 5.0 MEDIUM | N/A |
Multiple ethernet Network Interface Card (NIC) device drivers do not pad frames with null bytes, which allows remote attackers to obtain information from previous packets or kernel memory by using malformed packets, as demonstrated by Etherleak. | |||||
CVE-1999-1225 | 5 Digital, Linux, Netbsd and 2 more | 5 Ultrix, Linux Kernel, Netbsd and 2 more | 2023-12-10 | 5.0 MEDIUM | N/A |
rpc.mountd on Linux, Ultrix, and possibly other operating systems, allows remote attackers to determine the existence of a file on the server by attempting to mount that file, which generates different error messages depending on whether the file exists or not. | |||||
CVE-2004-0114 | 3 Freebsd, Netbsd, Openbsd | 3 Freebsd, Netbsd, Openbsd | 2023-12-10 | 4.6 MEDIUM | N/A |
The shmat system call in the System V Shared Memory interface for FreeBSD 5.2 and earlier, NetBSD 1.3 and earlier, and OpenBSD 2.6 and earlier, does not properly decrement a shared memory segment's reference count when the vm_map_find function fails, which could allow local users to gain read or write access to a portion of kernel memory and gain privileges. | |||||
CVE-2004-2012 | 3 Netbsd, Niels, Vladimir Kotal | 3 Netbsd, Provos Systrace, Systrace Port For Freebsd | 2023-12-10 | 7.2 HIGH | N/A |
The systrace_exit function in the systrace utility for NetBSD-current and 2.0 before April 16, 2004, and certain FreeBSD ports, does not verify the owner of the /dec/systrace connection before setting euid to 0, which allows local users to gain root privileges. | |||||
CVE-1999-0297 | 5 Bsdi, Freebsd, Netbsd and 2 more | 5 Bsd Os, Freebsd, Netbsd and 2 more | 2023-12-10 | 7.2 HIGH | N/A |
Buffer overflow in Vixie Cron library up to version 3.0 allows local users to obtain root access via a long environmental variable. | |||||
CVE-2001-1091 | 1 Netbsd | 1 Netbsd | 2023-12-10 | 7.2 HIGH | N/A |
The (1) dump and (2) dump_lfs commands in NetBSD 1.4.x through 1.5.1 do not properly drop privileges, which could allow local users to gain privileges via the RCMD_CMD environment variable. | |||||
CVE-2001-0033 | 2 Kth, Netbsd | 2 Kth Kerberos, Netbsd | 2023-12-10 | 7.2 HIGH | N/A |
KTH Kerberos IV allows local users to change the configuration of a Kerberos server running at an elevated privilege by specifying an alternate directory using with the KRBCONFDIR environmental variable, which allows the user to gain additional privileges. | |||||
CVE-2000-0456 | 1 Netbsd | 1 Netbsd | 2023-12-10 | 2.1 LOW | N/A |
NetBSD 1.4.2 and earlier allows local users to cause a denial of service by repeatedly running certain system calls in the kernel which do not yield the CPU, aka "cpu-hog". | |||||
CVE-2001-0554 | 9 Debian, Freebsd, Ibm and 6 more | 11 Debian Linux, Freebsd, Aix and 8 more | 2023-12-10 | 10.0 HIGH | N/A |
Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function. |