Filtered by vendor Netbsd
Subscriptions
Total
179 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2005-4741 | 1 Netbsd | 1 Netbsd | 2022-10-03 | N/A |
NetBSD 1.6, NetBSD 2.0 through 2.1, and NetBSD-current before 20051031 allows local users to gain privileges by attaching a debugger to a setuid/setgid (P_SUGID) process that performs an exec without a reset of real credentials. | ||||
CVE-2005-4776 | 1 Netbsd | 1 Netbsd | 2022-10-03 | N/A |
Integer overflow in the FreeBSD compatibility code (freebsd_misc.c) in NetBSD-current, NetBSD-3, NetBSD-2.0, and NetBSD-2 before 20050913; and NetBSD-1.6 before 20050914; allows local users to cause a denial of service (heap corruption or system crash) and possibly gain root privileges. | ||||
CVE-2005-4691 | 1 Netbsd | 1 Netbsd | 2022-10-03 | N/A |
imake in NetBSD before 2.0.3, NetBSD-current before 12 September 2005, certain versions of X.Org, and certain versions of XFree86 allows local users to overwrite arbitrary files via a symlink attack on the temporary file for the file.0 target, which is used for a pre-formatted manual page. | ||||
CVE-2005-4779 | 1 Netbsd | 1 Netbsd | 2022-10-03 | N/A |
verifiedexecioctl in verified_exec.c in NetBSD 2.0.2 calls NDINIT with UIO_USERSPACE rather than UID_SYSSPACE, which removes the functionality of the verified exec kernel subsystem and might allow local users to execute Trojan horse programs. | ||||
CVE-2005-4782 | 1 Netbsd | 1 Netbsd | 2022-10-03 | N/A |
NetBSD 2.0 before 2.0.4, 2.1 before 2.1.1, and 3, when the kernel is compiled with "options DIAGNOSTIC," allows local users to cause a denial of service (kernel assertion panic) via a negative linger time in the SO_LINGER socket option. | ||||
CVE-2005-4783 | 1 Netbsd | 1 Netbsd | 2022-10-03 | N/A |
kernfs_xread in kernfs_vnops.c in NetBSD before 20050831 does not check for a negative offset when reading the message buffer, which allows local users to read arbitrary kernel memory. | ||||
CVE-2006-7252 | 2 Freebsd, Netbsd | 2 Freebsd, Netbsd | 2022-10-03 | N/A |
Integer overflow in the calloc function in libc/stdlib/malloc.c in jemalloc in libc for FreeBSD 6.4 and NetBSD makes it easier for context-dependent attackers to perform memory-related attacks such as buffer overflows via a large size value, which triggers a memory allocation of one byte. | ||||
CVE-2006-6653 | 1 Netbsd | 1 Netbsd | 2022-10-03 | N/A |
The accept function in NetBSD-current before 20061023, NetBSD 3.0 and 3.0.1 before 20061024, and NetBSD 2.x before 20061029 allows local users to cause a denial of service (socket consumption) via an invalid (1) name or (2) namelen parameter, which may result in the socket never being closed (aka "a dangling socket"). | ||||
CVE-2006-6656 | 1 Netbsd | 1 Netbsd | 2022-10-03 | N/A |
Unspecified vulnerability in ptrace in NetBSD-current before 20061027, NetBSD 3.0 and 3.0.1 before 20061027, and NetBSD 2.x before 20061119 allows local users to read kernel memory and obtain sensitive information via certain manipulations of a PT_LWPINFO request, which leads to a memory leak and information leak. | ||||
CVE-2006-6657 | 1 Netbsd | 1 Netbsd | 2022-10-03 | N/A |
The if_clone_list function in NetBSD-current before 20061027, NetBSD 3.0 and 3.0.1 before 20061027, and NetBSD 2.x before 20061119 allows local users to read potentially sensitive, uninitialized stack memory via unspecified vectors. | ||||
CVE-2006-6655 | 1 Netbsd | 1 Netbsd | 2022-10-03 | N/A |
The procfs implementation in NetBSD-current before 20061023, NetBSD 3.0 and 3.0.1 before 20061024, and NetBSD 2.x before 20061029 allows local users to cause a denial of service (kernel panic) by attempting to access /emul/linux/proc/0/stat on a procfs filesystem that was mounted with mount_procfs -o linux, which results in a NULL pointer dereference. | ||||
CVE-2006-6014 | 1 Netbsd | 1 Netbsd | 2022-10-03 | N/A |
The NetBSD-current kernel before 20061028 does not properly perform bounds checking of an unspecified userspace parameter in the ptrace system call during a PT_DUMPCORE request, which allows local users to have an unknown impact. | ||||
CVE-2006-6654 | 1 Netbsd | 1 Netbsd | 2022-10-03 | N/A |
The sendmsg function in NetBSD-current before 20061023, NetBSD 3.0 and 3.0.1 before 20061024, and NetBSD 2.x before 20061029, when run on a 64-bit architecture, allows attackers to cause a denial of service (kernel panic) via an invalid msg_controllen parameter to the sendit function. | ||||
CVE-2010-0561 | 1 Netbsd | 1 Netbsd | 2022-10-03 | N/A |
Integer signedness error in NetBSD 4.0, 5.0, and NetBSD-current before 2010-01-21 allows local users to cause a denial of service (kernel panic) via a negative mixer index number being passed to (1) the azalia_query_devinfo function in the azalia audio driver (src/sys/dev/pci/azalia.c) or (2) the hdaudio_afg_query_devinfo function in the hdaudio audio driver (src/sys/dev/pci/hdaudio/hdaudio_afg.c). | ||||
CVE-2010-2530 | 3 Apple, Freebsd, Netbsd | 3 Mac Os X, Freebsd, Netbsd | 2022-10-03 | N/A |
Multiple integer signedness errors in smb_subr.c in the netsmb module in the kernel in NetBSD 5.0.2 and earlier, FreeBSD, and Apple Mac OS X allow local users to cause a denial of service (panic) via a negative size value in a /dev/nsmb ioctl operation, as demonstrated by a (1) SMBIOC_LOOKUP or (2) SMBIOC_OPENSESSION ioctl call. | ||||
CVE-2003-0653 | 1 Netbsd | 1 Netbsd | 2022-10-03 | N/A |
The OSI networking kernel (sys/netiso) in NetBSD 1.6.1 and earlier does not use a BSD-required "PKTHDR" mbuf when sending certain error responses to the sender of an OSI packet, which allows remote attackers to cause a denial of service (kernel panic or crash) via certain OSI packets. | ||||
CVE-2011-2393 | 2 Freebsd, Netbsd | 2 Freebsd, Netbsd | 2022-10-03 | N/A |
The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in FreeBSD, NetBSD, and possibly other BSD-based operating systems allows remote attackers to cause a denial of service (CPU consumption and device hang) by sending many Router Advertisement (RA) messages with different source addresses, a similar vulnerability to CVE-2010-4670. | ||||
CVE-2007-6754 | 2 Freebsd, Netbsd | 2 Freebsd, Netbsd | 2022-10-03 | N/A |
The ipalloc function in libc/stdlib/malloc.c in jemalloc in libc for FreeBSD 6.4 and NetBSD does not properly allocate memory, which makes it easier for context-dependent attackers to perform memory-related attacks such as buffer overflows via a large size value, related to "integer rounding and overflow" errors. | ||||
CVE-2020-26139 | 5 Arista, Cisco, Debian and 2 more | 330 C-100, C-100 Firmware, C-110 and 327 more | 2022-09-30 | 5.3 Medium |
An issue was discovered in the kernel in NetBSD 7.1. An Access Point (AP) forwards EAPOL frames to other clients even though the sender has not yet successfully authenticated to the AP. This might be abused in projected Wi-Fi networks to launch denial-of-service attacks against connected clients and makes it easier to exploit other vulnerabilities in connected clients. | ||||
CVE-1999-0628 | 4 Freebsd, Ibm, Linux and 1 more | 4 Freebsd, Aix, Linux Kernel and 1 more | 2022-08-17 | N/A |
The rwho/rwhod service is running, which exposes machine status and user information. |