VYPR

NetBSD

by NetBSD

Source repositories

CVEs (176)

  • CVE-2004-2012Dec 31, 2004
    risk 0.03cvss epss 0.01

    The systrace_exit function in the systrace utility for NetBSD-current and 2.0 before April 16, 2004, and certain FreeBSD ports, does not verify the owner of the /dec/systrace connection before setting euid to 0, which allows local users to gain root privileges.

  • CVE-2004-0114Mar 3, 2004
    risk 0.03cvss epss 0.01

    The shmat system call in the System V Shared Memory interface for FreeBSD 5.2 and earlier, NetBSD 1.3 and earlier, and OpenBSD 2.6 and earlier, does not properly decrement a shared memory segment's reference count when the vm_map_find function fails, which could allow local…

  • CVE-2003-0102Mar 18, 2003
    risk 0.03cvss epss 0.02

    Buffer overflow in tryelf() in readelf.c of the file command allows attackers to execute arbitrary code as the user running file, possibly via a large entity size value in an ELF header (elfhdr.e_shentsize).

  • CVE-2002-1192Oct 28, 2002
    risk 0.03cvss epss 0.01

    Multiple buffer overflows in rogue on NetBSD 1.6 and earlier, FreeBSD 4.6, and possibly other operating systems, allows local users to gain "games" group privileges via malformed entries in a game save file.

  • CVE-2002-1165Oct 11, 2002
    risk 0.03cvss epss 0.01

    Sendmail Consortium's Restricted Shell (SMRSH) in Sendmail 8.12.6, 8.11.6-15, and possibly other versions after 8.11 from 5/19/1998, allows attackers to bypass the intended restrictions of smrsh by inserting additional commands after (1) "||" sequences or (2) "/" characters,…

  • CVE-2002-0004Feb 27, 2002
    risk 0.03cvss epss 0.01

    Heap corruption vulnerability in the "at" program allows local users to execute arbitrary code via a malformed execution time, which causes at to free the same memory twice.

  • CVE-2000-0993Dec 19, 2000
    risk 0.03cvss epss 0.02

    Format string vulnerability in pw_error function in BSD libutil library allows local users to gain root privileges via a malformed password in commands such as chpass or passwd.

  • CVE-2000-0751Oct 20, 2000
    risk 0.03cvss epss 0.04

    mopd (Maintenance Operations Protocol loader daemon) does not properly cleanse user-injected format strings, which allows remote attackers to execute arbitrary commands.

  • CVE-2000-0440May 1, 2000
    risk 0.03cvss epss 0.03

    NetBSD 1.4.2 and earlier allows remote attackers to cause a denial of service by sending a packet with an unaligned IP timestamp option.

  • CVE-2000-0094Feb 16, 2000
    risk 0.03cvss epss 0.01

    procfs in BSD systems allows local users to gain root privileges by modifying the /proc/pid/mem interface via a modified file descriptor for stderr.

  • CVE-2000-0489Sep 5, 1999
    risk 0.03cvss epss 0.01

    FreeBSD, NetBSD, and OpenBSD allow an attacker to cause a denial of service by creating a large number of socket pairs using the socketpair function, setting a large buffer size via setsockopt, then writing large buffers.

  • CVE-1999-0674Aug 9, 1999
    risk 0.03cvss epss 0.01

    The BSD profil system call allows a local user to modify the internal data space of a program via profiling and execve.

  • CVE-1999-1518Jul 15, 1999
    risk 0.03cvss epss 0.03

    Operating systems with shared memory implementations based on BSD 4.4 code allow a user to conduct a denial of service and bypass memory limits (e.g., as specified with rlimits) using mmap or shmget to allocate memory and cause page faults.

  • CVE-1999-0433Mar 21, 1999
    risk 0.03cvss epss 0.01

    XFree86 startx command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service.

  • CVE-1999-1409Jul 3, 1998
    risk 0.03cvss epss 0.01

    The at program in IRIX 6.2 and NetBSD 1.3.2 and earlier allows local users to read portions of arbitrary files by submitting the file to at with the -f argument, which generates error messages that at sends to the user via e-mail.

  • CVE-2015-2305Mar 30, 2015
    risk 0.01cvss epss 0.08

    Integer overflow in the regcomp implementation in the Henry Spencer BSD regex library (aka rxspencer) alpha3.8.g5 on 32-bit platforms, as used in NetBSD through 6.1.5 and other products, might allow context-dependent attackers to execute arbitrary code via a large regular…

  • CVE-2011-2895Aug 19, 2011
    risk 0.01cvss epss 0.08

    The LZW decompressor in (1) the BufCompressedFill function in fontfile/decompress.c in X.Org libXfont before 1.4.4 and (2) compress/compress.c in 4.3BSD, as used in zopen.c in OpenBSD before 3.8, FreeBSD, NetBSD 4.0.x and 5.0.x before 5.0.3 and 5.1.x before 5.1.1, FreeType…

  • CVE-2010-4755Mar 2, 2011
    risk 0.01cvss epss 0.08

    The (1) remote_glob function in sftp-glob.c and the (2) process_put function in sftp.c in OpenSSH 5.8 and earlier, as used in FreeBSD 7.3 and 8.1, NetBSD 5.0.2, OpenBSD 4.7, and other products, allow remote authenticated users to cause a denial of service (CPU and memory…

  • CVE-2006-4304Aug 24, 2006
    risk 0.01cvss epss 0.11

    Buffer overflow in the sppp driver in FreeBSD 4.11 through 6.1, NetBSD 2.0 through 4.0 beta before 20060823, and OpenBSD 3.8 and 3.9 before 20060902 allows remote attackers to cause a denial of service (panic), obtain sensitive information, and possibly execute arbitrary code…

  • CVE-2001-0670Oct 3, 2001
    risk 0.01cvss epss 0.07

    Buffer overflow in BSD line printer daemon (in.lpd or lpd) in various BSD-based operating systems allows remote attackers to execute arbitrary code via an incomplete print job followed by a request to display the printer queue.

Page 3 of 9