NetBSD
by NetBSD
Source repositories
CVEs (176)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2005-2134 | 0.00 | — | 0.00 | Jul 5, 2005 | The (1) clcs and (2) emuxki drivers in NetBSD 1.6 through 2.0.2 allow local users to cause a denial of service (kernel crash) by using the set-parameters ioctl on an audio device to change the block size and set the pause state to "unpaused" in the same ioctl, which causes a… | |||
| CVE-2004-1374 | 0.00 | — | 0.00 | Dec 18, 2004 | Multiple buffer overflows in NetBSD kernel may allow local users to execute arbitrary code and gain privileges. | |||
| CVE-2004-1323 | 0.00 | — | 0.00 | Dec 16, 2004 | Multiple syscalls in the compat subsystem for NetBSD before 2.0 allow local users to cause a denial of service (kernel crash) via a large signal number to (1) xxx_sys_kill, (2) xxx_sys_sigaction, and possibly other translation functions. | |||
| CVE-2004-0257 | 0.00 | — | 0.02 | Nov 23, 2004 | OpenBSD 3.4 and NetBSD 1.6 and 1.6.1 allow remote attackers to cause a denial of service (crash) by sending an IPv6 packet with a small MTU to a listening port and then issuing a TCP connect to that port. | |||
| CVE-2003-1289 | 0.00 | — | 0.00 | Dec 31, 2003 | The iBCS2 system call translator for statfs in NetBSD 1.5 through 1.5.3 and FreeBSD 4 up to 4.8-RELEASE-p2 and 5 up to 5.1-RELEASE-p1 allows local users to read portions of kernel memory (memory disclosure) via a large length parameter, which copies additional kernel memory into… | |||
| CVE-2003-0914 | 0.00 | — | 0.03 | Dec 15, 2003 | ISC BIND 8.3.x before 8.3.7, and 8.4.x before 8.4.3, allows remote attackers to poison the cache via a malicious name server that returns negative responses with a large TTL (time-to-live) value. | |||
| CVE-2003-0730 | 0.00 | — | 0.05 | Oct 20, 2003 | Multiple integer overflows in the font libraries for XFree86 4.3.0 allow local or remote attackers to cause a denial of service or execute arbitrary code via heap-based and stack-based buffer overflow attacks. | |||
| CVE-2003-0653 | 0.00 | — | 0.01 | Aug 27, 2003 | The OSI networking kernel (sys/netiso) in NetBSD 1.6.1 and earlier does not use a BSD-required "PKTHDR" mbuf when sending certain error responses to the sender of an OSI packet, which allows remote attackers to cause a denial of service (kernel panic or crash) via certain OSI… | |||
| CVE-2002-1476 | 0.00 | — | 0.00 | Apr 22, 2003 | Buffer overflow in setlocale in libc on NetBSD 1.4.x through 1.6, and possibly other operating systems, when called with the LC_ALL category, allows local attackers to execute arbitrary code via a user-controlled locale string that has more than 6 elements, which exceeds the… | |||
| CVE-2002-1490 | 0.00 | — | 0.00 | Apr 2, 2003 | NetBSD 1.4 through 1.6 beta allows local users to cause a denial of service (kernel panic) via a series of calls to the TIOCSCTTY ioctl, which causes an integer overflow in a structure counter and sets the counter to zero, which frees memory that is still in use by other… | |||
| CVE-2002-1500 | 0.00 | — | 0.00 | Apr 2, 2003 | Buffer overflow in (1) mrinfo, (2) mtrace, and (3) pppd in NetBSD 1.4.x through 1.6 allows local users to gain privileges by executing the programs after filling the file descriptor tables, which produces file descriptors larger than FD_SETSIZE, which are not checked by FD_SET(). | |||
| CVE-2002-1543 | 0.00 | — | 0.00 | Mar 31, 2003 | Buffer overflow in trek on NetBSD 1.5 through 1.5.3 allows local users to gain privileges via long keyboard input. | |||
| CVE-2002-2092 | 0.00 | — | 0.00 | Dec 31, 2002 | Race condition in exec in OpenBSD 4.0 and earlier, NetBSD 1.5.2 and earlier, and FreeBSD 4.4 and earlier allows local users to gain privileges by attaching a debugger to a process before the kernel has determined that the process is setuid or setgid. | |||
| CVE-2002-2245 | 0.00 | — | 0.01 | Dec 31, 2002 | ftpd in NetBSD 1.5 through 1.5.3 and 1.6 does not properly quote a digit in response to a STAT command for a filename that contains a carriage return followed by a digit, which can cause firewalls and other intermediary devices to lose proper track of the FTP session. | |||
| CVE-2002-0666 | 0.00 | — | 0.02 | Nov 4, 2002 | IPSEC implementations including (1) FreeS/WAN and (2) KAME do not properly calculate the length of authentication data, which allows remote attackers to cause a denial of service (kernel panic) via spoofed, short Encapsulating Security Payload (ESP) packets, which result in… | |||
| CVE-2002-1194 | 0.00 | — | 0.03 | Oct 28, 2002 | Buffer overflow in talkd on NetBSD 1.6 and earlier, and possibly other operating systems, may allow remote attackers to execute arbitrary code via a long inbound message. | |||
| CVE-2000-1208 | 0.00 | — | 0.00 | Aug 12, 2002 | Format string vulnerability in startprinting() function of printjob.c in BSD-based lpr lpd package may allow local users to gain privileges via an improper syslog call that uses format strings from the checkremote() call. | |||
| CVE-2002-0830 | 0.00 | — | 0.02 | Aug 12, 2002 | Network File System (NFS) in FreeBSD 4.6.1 RELEASE-p7 and earlier, NetBSD 1.5.3 and earlier, and possibly other operating systems, allows remote attackers to cause a denial of service (hang) via an RPC message with a zero length payload, which causes NFS to reference a previous… | |||
| CVE-2002-0414 | 0.00 | — | 0.01 | Aug 12, 2002 | KAME-derived implementations of IPsec on NetBSD 1.5.2, FreeBSD 4.5, and other operating systems, does not properly consult the Security Policy Database (SPD), which could cause a Security Gateway (SG) that does not use Encapsulating Security Payload (ESP) to forward forged IPv4… | |||
| CVE-2002-0381 | 0.00 | — | 0.02 | Jun 25, 2002 | The TCP implementation in various BSD operating systems (tcp_input.c) does not properly block connections to broadcast addresses, which could allow remote attackers to bypass intended filters via packets with a unicast link layer address and an IP broadcast address. |
- CVE-2005-2134Jul 5, 2005risk 0.00cvss —epss 0.00
The (1) clcs and (2) emuxki drivers in NetBSD 1.6 through 2.0.2 allow local users to cause a denial of service (kernel crash) by using the set-parameters ioctl on an audio device to change the block size and set the pause state to "unpaused" in the same ioctl, which causes a…
- CVE-2004-1374Dec 18, 2004risk 0.00cvss —epss 0.00
Multiple buffer overflows in NetBSD kernel may allow local users to execute arbitrary code and gain privileges.
- CVE-2004-1323Dec 16, 2004risk 0.00cvss —epss 0.00
Multiple syscalls in the compat subsystem for NetBSD before 2.0 allow local users to cause a denial of service (kernel crash) via a large signal number to (1) xxx_sys_kill, (2) xxx_sys_sigaction, and possibly other translation functions.
- CVE-2004-0257Nov 23, 2004risk 0.00cvss —epss 0.02
OpenBSD 3.4 and NetBSD 1.6 and 1.6.1 allow remote attackers to cause a denial of service (crash) by sending an IPv6 packet with a small MTU to a listening port and then issuing a TCP connect to that port.
- CVE-2003-1289Dec 31, 2003risk 0.00cvss —epss 0.00
The iBCS2 system call translator for statfs in NetBSD 1.5 through 1.5.3 and FreeBSD 4 up to 4.8-RELEASE-p2 and 5 up to 5.1-RELEASE-p1 allows local users to read portions of kernel memory (memory disclosure) via a large length parameter, which copies additional kernel memory into…
- CVE-2003-0914Dec 15, 2003risk 0.00cvss —epss 0.03
ISC BIND 8.3.x before 8.3.7, and 8.4.x before 8.4.3, allows remote attackers to poison the cache via a malicious name server that returns negative responses with a large TTL (time-to-live) value.
- CVE-2003-0730Oct 20, 2003risk 0.00cvss —epss 0.05
Multiple integer overflows in the font libraries for XFree86 4.3.0 allow local or remote attackers to cause a denial of service or execute arbitrary code via heap-based and stack-based buffer overflow attacks.
- CVE-2003-0653Aug 27, 2003risk 0.00cvss —epss 0.01
The OSI networking kernel (sys/netiso) in NetBSD 1.6.1 and earlier does not use a BSD-required "PKTHDR" mbuf when sending certain error responses to the sender of an OSI packet, which allows remote attackers to cause a denial of service (kernel panic or crash) via certain OSI…
- CVE-2002-1476Apr 22, 2003risk 0.00cvss —epss 0.00
Buffer overflow in setlocale in libc on NetBSD 1.4.x through 1.6, and possibly other operating systems, when called with the LC_ALL category, allows local attackers to execute arbitrary code via a user-controlled locale string that has more than 6 elements, which exceeds the…
- CVE-2002-1490Apr 2, 2003risk 0.00cvss —epss 0.00
NetBSD 1.4 through 1.6 beta allows local users to cause a denial of service (kernel panic) via a series of calls to the TIOCSCTTY ioctl, which causes an integer overflow in a structure counter and sets the counter to zero, which frees memory that is still in use by other…
- CVE-2002-1500Apr 2, 2003risk 0.00cvss —epss 0.00
Buffer overflow in (1) mrinfo, (2) mtrace, and (3) pppd in NetBSD 1.4.x through 1.6 allows local users to gain privileges by executing the programs after filling the file descriptor tables, which produces file descriptors larger than FD_SETSIZE, which are not checked by FD_SET().
- CVE-2002-1543Mar 31, 2003risk 0.00cvss —epss 0.00
Buffer overflow in trek on NetBSD 1.5 through 1.5.3 allows local users to gain privileges via long keyboard input.
- CVE-2002-2092Dec 31, 2002risk 0.00cvss —epss 0.00
Race condition in exec in OpenBSD 4.0 and earlier, NetBSD 1.5.2 and earlier, and FreeBSD 4.4 and earlier allows local users to gain privileges by attaching a debugger to a process before the kernel has determined that the process is setuid or setgid.
- CVE-2002-2245Dec 31, 2002risk 0.00cvss —epss 0.01
ftpd in NetBSD 1.5 through 1.5.3 and 1.6 does not properly quote a digit in response to a STAT command for a filename that contains a carriage return followed by a digit, which can cause firewalls and other intermediary devices to lose proper track of the FTP session.
- CVE-2002-0666Nov 4, 2002risk 0.00cvss —epss 0.02
IPSEC implementations including (1) FreeS/WAN and (2) KAME do not properly calculate the length of authentication data, which allows remote attackers to cause a denial of service (kernel panic) via spoofed, short Encapsulating Security Payload (ESP) packets, which result in…
- CVE-2002-1194Oct 28, 2002risk 0.00cvss —epss 0.03
Buffer overflow in talkd on NetBSD 1.6 and earlier, and possibly other operating systems, may allow remote attackers to execute arbitrary code via a long inbound message.
- CVE-2000-1208Aug 12, 2002risk 0.00cvss —epss 0.00
Format string vulnerability in startprinting() function of printjob.c in BSD-based lpr lpd package may allow local users to gain privileges via an improper syslog call that uses format strings from the checkremote() call.
- CVE-2002-0830Aug 12, 2002risk 0.00cvss —epss 0.02
Network File System (NFS) in FreeBSD 4.6.1 RELEASE-p7 and earlier, NetBSD 1.5.3 and earlier, and possibly other operating systems, allows remote attackers to cause a denial of service (hang) via an RPC message with a zero length payload, which causes NFS to reference a previous…
- CVE-2002-0414Aug 12, 2002risk 0.00cvss —epss 0.01
KAME-derived implementations of IPsec on NetBSD 1.5.2, FreeBSD 4.5, and other operating systems, does not properly consult the Security Policy Database (SPD), which could cause a Security Gateway (SG) that does not use Encapsulating Security Payload (ESP) to forward forged IPv4…
- CVE-2002-0381Jun 25, 2002risk 0.00cvss —epss 0.02
The TCP implementation in various BSD operating systems (tcp_input.c) does not properly block connections to broadcast addresses, which could allow remote attackers to bypass intended filters via packets with a unicast link layer address and an IP broadcast address.
Page 7 of 9