Filtered by vendor Netbsd
Subscriptions
Filtered by product Netbsd
Subscriptions
Total
175 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-1999-0764 | 1 Netbsd | 1 Netbsd | 2008-09-09 | N/A |
NetBSD allows ARP packets to overwrite static ARP entries. | ||||
CVE-1999-0763 | 1 Netbsd | 1 Netbsd | 2008-09-09 | N/A |
NetBSD on a multi-homed host allows ARP packets on one network to modify ARP entries on another connected network. | ||||
CVE-1999-0466 | 1 Netbsd | 1 Netbsd | 2008-09-09 | N/A |
The SVR4 /dev/wabi special device file in NetBSD 1.3.3 and earlier allows a local user to read or write arbitrary files on the disk associated with that device. | ||||
CVE-1999-0446 | 1 Netbsd | 1 Netbsd | 2008-09-09 | N/A |
Local users can perform a denial of service in NetBSD 1.3.3 and earlier versions by creating an unusual symbolic link with the ln command, triggering a bug in VFS. | ||||
CVE-1999-0434 | 5 Caldera, Debian, Netbsd and 2 more | 5 Openlinux, Debian Linux, Netbsd and 2 more | 2008-09-09 | N/A |
XFree86 xfs command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service. | ||||
CVE-1999-0367 | 1 Netbsd | 1 Netbsd | 2008-09-09 | N/A |
NetBSD netstat command allows local users to access kernel memory. | ||||
CVE-1999-0323 | 4 Bsdi, Freebsd, Netbsd and 1 more | 4 Bsd Os, Freebsd, Netbsd and 1 more | 2008-09-09 | N/A |
FreeBSD mmap function allows users to modify append-only or immutable files. | ||||
CVE-2007-4305 | 5 Netbsd, Openbsd, Sysjail and 2 more | 5 Netbsd, Openbsd, Sysjail and 2 more | 2008-09-05 | N/A |
Multiple race conditions in the (1) Sudo monitor mode and (2) Sysjail policies in Systrace on NetBSD and OpenBSD allow local users to defeat system call interposition, and consequently bypass access control policy and auditing. | ||||
CVE-2002-1543 | 1 Netbsd | 1 Netbsd | 2008-09-05 | N/A |
Buffer overflow in trek on NetBSD 1.5 through 1.5.3 allows local users to gain privileges via long keyboard input. | ||||
CVE-2002-1500 | 1 Netbsd | 1 Netbsd | 2008-09-05 | N/A |
Buffer overflow in (1) mrinfo, (2) mtrace, and (3) pppd in NetBSD 1.4.x through 1.6 allows local users to gain privileges by executing the programs after filling the file descriptor tables, which produces file descriptors larger than FD_SETSIZE, which are not checked by FD_SET(). | ||||
CVE-2002-1490 | 1 Netbsd | 1 Netbsd | 2008-09-05 | N/A |
NetBSD 1.4 through 1.6 beta allows local users to cause a denial of service (kernel panic) via a series of calls to the TIOCSCTTY ioctl, which causes an integer overflow in a structure counter and sets the counter to zero, which frees memory that is still in use by other processes. | ||||
CVE-2002-1476 | 1 Netbsd | 1 Netbsd | 2008-09-05 | N/A |
Buffer overflow in setlocale in libc on NetBSD 1.4.x through 1.6, and possibly other operating systems, when called with the LC_ALL category, allows local attackers to execute arbitrary code via a user-controlled locale string that has more than 6 elements, which exceeds the boundaries of the new_categories category array, as exploitable through programs such as xterm and zsh. | ||||
CVE-2002-0414 | 3 Freebsd, Netbsd, Openbsd | 3 Freebsd, Netbsd, Openbsd | 2008-09-05 | N/A |
KAME-derived implementations of IPsec on NetBSD 1.5.2, FreeBSD 4.5, and other operating systems, does not properly consult the Security Policy Database (SPD), which could cause a Security Gateway (SG) that does not use Encapsulating Security Payload (ESP) to forward forged IPv4 packets. | ||||
CVE-2002-0381 | 3 Freebsd, Netbsd, Openbsd | 3 Freebsd, Netbsd, Openbsd | 2008-09-05 | N/A |
The TCP implementation in various BSD operating systems (tcp_input.c) does not properly block connections to broadcast addresses, which could allow remote attackers to bypass intended filters via packets with a unicast link layer address and an IP broadcast address. | ||||
CVE-2000-0751 | 3 Netbsd, Openbsd, Redhat | 3 Netbsd, Openbsd, Linux | 2008-09-05 | N/A |
mopd (Maintenance Operations Protocol loader daemon) does not properly cleanse user-injected format strings, which allows remote attackers to execute arbitrary commands. |