VYPR

NetBSD

by NetBSD

Source repositories

CVEs (176)

  • CVE-2006-5218Oct 10, 2006
    risk 0.00cvss epss 0.00

    Integer overflow in the systrace_preprepl function (STRIOCREPLACE) in systrace in OpenBSD 3.9 and NetBSD 3 allows local users to cause a denial of service (crash), gain privileges, or read arbitrary kernel memory via large numeric arguments to the systrace ioctl.

  • CVE-2006-5214Oct 10, 2006
    risk 0.00cvss epss 0.00

    Race condition in the Xsession script, as used by X Display Manager (xdm) in NetBSD before 20060212, X.Org before 20060225, and Solaris 8 through 10 before 20061006, causes a user's Xsession errors file to have weak permissions before a chmod is performed, which allows local…

  • CVE-2006-3202Jun 23, 2006
    risk 0.00cvss epss 0.00

    The ip6_savecontrol function in NetBSD 2.0 through 3.0, under certain configurations, does not check to see if IPv4-mapped sockets are being used before processing IPv6 socket options, which allows local users to cause a denial of service (crash) by creating an IPv4-mapped IPv6…

  • CVE-2006-2205May 5, 2006
    risk 0.00cvss epss 0.00

    The audio_write function in NetBSD 3.0 allows local users to cause a denial of service (kernel crash) by using the audiosetinfo ioctl to change the sample rate of an audio device.

  • CVE-2006-1833Apr 19, 2006
    risk 0.00cvss epss 0.01

    Intel RNG Driver in NetBSD 1.6 through 3.0 may incorrectly detect the presence of the pchb interface, which will cause it to always generate the same random number, which allows remote attackers to more easily crack encryption keys generated from the interface.

  • CVE-2006-1814Apr 18, 2006
    risk 0.00cvss epss 0.00

    NetBSD 1.6, 2.0, 2.1 and 3.0 allows local users to cause a denial of service (memory exhaustion) by using the sysctl system call to lock a large buffer into physical memory.

  • CVE-2006-1797Apr 18, 2006
    risk 0.00cvss epss 0.00

    The kernel in NetBSD-current before September 28, 2005 allows local users to cause a denial of service (system crash) by using the SIOCGIFALIAS ioctl to gather information on a non-existent alias of a network interface, which causes a NULL pointer dereference.

  • CVE-2006-1587Apr 3, 2006
    risk 0.00cvss epss 0.00

    NetBSD 1.6 up to 3.0, when a user has "set record" in .mailrc with the default umask set, creates the record file with 0644 permissions, which allows local users to read the record file.

  • CVE-2006-1588Apr 3, 2006
    risk 0.00cvss epss 0.00

    The bridge ioctl (if_bridge code) in NetBSD 1.6 through 3.0 does not clear sensitive memory before copying ioctl results to the requesting process, which allows local users to obtain portions of kernel memory.

  • CVE-2006-1589Apr 3, 2006
    risk 0.00cvss epss 0.00

    The elf_load_file function in NetBSD 2.0 through 3.0 allows local users to cause a denial of service (kernel crash) via an ELF interpreter that does not have a PT_LOAD section in its header, which triggers a null dereference.

  • CVE-2006-0905Mar 23, 2006
    risk 0.00cvss epss 0.02

    A "programming error" in fast_ipsec in FreeBSD 4.8-RELEASE through 6.1-STABLE and NetBSD 2 through 3 does not properly update the sequence number associated with a Security Association, which allows packets to pass sequence number checks and allows remote attackers to capture…

  • CVE-2006-0145Jan 9, 2006
    risk 0.00cvss epss 0.00

    The kernfs_xread function in kernfs in NetBSD 1.6 through 2.1, and OpenBSD 3.8, does not properly validate file offsets against negative 32-bit values that occur as a result of truncation, which allows local users to read arbitrary kernel memory and gain privileges via the lseek…

  • CVE-2005-4741Dec 31, 2005
    risk 0.00cvss epss 0.01

    NetBSD 1.6, NetBSD 2.0 through 2.1, and NetBSD-current before 20051031 allows local users to gain privileges by attaching a debugger to a setuid/setgid (P_SUGID) process that performs an exec without a reset of real credentials.

  • CVE-2005-4782Dec 31, 2005
    risk 0.00cvss epss 0.00

    NetBSD 2.0 before 2.0.4, 2.1 before 2.1.1, and 3, when the kernel is compiled with "options DIAGNOSTIC," allows local users to cause a denial of service (kernel assertion panic) via a negative linger time in the SO_LINGER socket option.

  • CVE-2005-4691Dec 31, 2005
    risk 0.00cvss epss 0.00

    imake in NetBSD before 2.0.3, NetBSD-current before 12 September 2005, certain versions of X.Org, and certain versions of XFree86 allows local users to overwrite arbitrary files via a symlink attack on the temporary file for the file.0 target, which is used for a pre-formatted…

  • CVE-2005-4733Dec 31, 2005
    risk 0.00cvss epss 0.00

    NetBSD 2.0 before 20050316 and NetBSD-current before 20050112 allow local users to cause a denial of service (infinite loop and system hang) by calling the F_CLOSEM fcntl with a parameter value of 0.

  • CVE-2005-4352Dec 31, 2005
    risk 0.00cvss epss 0.00

    The securelevels implementation in NetBSD 2.1 and earlier, and Linux 2.6.15 and earlier, allows local users to bypass time setting restrictions and set the clock backwards by setting the clock ahead to the maximum unixtime value (19 Jan 2038), which then wraps around to the…

  • CVE-2005-4779Dec 31, 2005
    risk 0.00cvss epss 0.00

    verifiedexecioctl in verified_exec.c in NetBSD 2.0.2 calls NDINIT with UIO_USERSPACE rather than UID_SYSSPACE, which removes the functionality of the verified exec kernel subsystem and might allow local users to execute Trojan horse programs.

  • CVE-2005-4776Dec 31, 2005
    risk 0.00cvss epss 0.00

    Integer overflow in the FreeBSD compatibility code (freebsd_misc.c) in NetBSD-current, NetBSD-3, NetBSD-2.0, and NetBSD-2 before 20050913; and NetBSD-1.6 before 20050914; allows local users to cause a denial of service (heap corruption or system crash) and possibly gain root…

  • CVE-2005-4783Dec 31, 2005
    risk 0.00cvss epss 0.00

    kernfs_xread in kernfs_vnops.c in NetBSD before 20050831 does not check for a negative offset when reading the message buffer, which allows local users to read arbitrary kernel memory.

Page 6 of 9