VYPR

NetBSD

by NetBSD

Source repositories

CVEs (176)

  • CVE-2001-0734Oct 18, 2001
    risk 0.00cvss epss 0.00

    Hitachi Super-H architecture in NetBSD 1.5 and 1.4.1 allows a local user to gain privileges via modified Status Register contents, which are not properly handled by (1) the sigreturn system call or (2) the process_write_regs kernel routine.

  • CVE-2001-0710Sep 20, 2001
    risk 0.00cvss epss 0.02

    NetBSD 1.5 and earlier and FreeBSD 4.3 and earlier allows a remote attacker to cause a denial of service by sending a large number of IP fragments to the machine, exhausting the mbuf pool.

  • CVE-2001-1091Aug 23, 2001
    risk 0.00cvss epss 0.00

    The (1) dump and (2) dump_lfs commands in NetBSD 1.4.x through 1.5.1 do not properly drop privileges, which could allow local users to gain privileges via the RCMD_CMD environment variable.

  • CVE-2001-1145Aug 17, 2001
    risk 0.00cvss epss 0.00

    fts routines in FreeBSD 4.3 and earlier, NetBSD before 1.5.2, and OpenBSD 2.9 and earlier can be forced to change (chdir) into a different directory than intended when the directory above the current directory is moved, which could cause scripts to perform dangerous actions on…

  • CVE-2001-0993Jul 24, 2001
    risk 0.00cvss epss 0.00

    sendmsg function in NetBSD 1.3 through 1.5 allows local users to cause a denial of service (kernel trap or panic) via a msghdr structure with a large msg_controllen length.

  • CVE-2001-1244Jul 7, 2001
    risk 0.00cvss epss 0.35

    Multiple TCP implementations could allow remote attackers to cause a denial of service (bandwidth and CPU exhaustion) by setting the maximum segment size (MSS) to a very small number and requesting large amounts of data, which generates more packets with less TCP-level data that…

  • CVE-2001-0268May 3, 2001
    risk 0.00cvss epss 0.01

    The i386_set_ldt system call in NetBSD 1.5 and earlier, and OpenBSD 2.8 and earlier, when the USER_LDT kernel option is enabled, does not validate a call gate target, which allows local users to gain root privileges by creating a segment call gate in the Local Descriptor Table…

  • CVE-2000-0315Mar 12, 2001
    risk 0.00cvss epss 0.02

    traceroute in NetBSD 1.3.3 and Linux systems allows local unprivileged users to modify the source address of the packets, which could be used in spoofing attacks.

  • CVE-2000-0314Mar 12, 2001
    risk 0.00cvss epss 0.02

    traceroute in NetBSD 1.3.3 and Linux systems allows local users to flood other systems by providing traceroute with a large waittime (-w) option, which is not parsed properly and sets the time delay for sending packets to zero.

  • CVE-2001-0033Feb 16, 2001
    risk 0.00cvss epss 0.00

    KTH Kerberos IV allows local users to change the configuration of a Kerberos server running at an elevated privilege by specifying an alternate directory using with the KRBCONFDIR environmental variable, which allows the user to gain additional privileges.

  • CVE-2001-0094Feb 12, 2001
    risk 0.00cvss epss 0.00

    Buffer overflow in kdc_reply_cipher of libkrb (Kerberos 4 authentication library) in NetBSD 1.5 and FreeBSD 4.2 and earlier, as used in Kerberised applications such as telnetd and login, allows local users to gain root privileges.

  • CVE-2000-0997Dec 19, 2000
    risk 0.00cvss epss 0.01

    Format string vulnerabilities in eeprom program in OpenBSD, NetBSD, and possibly other operating systems allows local attackers to gain root privileges.

  • CVE-2000-0750Oct 20, 2000
    risk 0.00cvss epss 0.02

    Buffer overflow in mopd (Maintenance Operations Protocol loader daemon) allows remote attackers to execute arbitrary commands via a long file name.

  • CVE-2000-0461May 29, 2000
    risk 0.00cvss epss 0.00

    The undocumented semconfig system call in BSD freezes the state of semaphores, which allows local users to cause a denial of service of the semaphore system by using the semconfig call.

  • CVE-2000-0456May 28, 2000
    risk 0.00cvss epss 0.00

    NetBSD 1.4.2 and earlier allows local users to cause a denial of service by repeatedly running certain system calls in the kernel which do not yield the CPU, aka "cpu-hog".

  • CVE-2000-0462May 28, 2000
    risk 0.00cvss epss 0.00

    ftpd in NetBSD 1.4.2 does not properly parse entries in /etc/ftpchroot and does not chroot the specified users, which allows those users to access other files outside of their home directory.

  • CVE-2000-0157Feb 1, 2000
    risk 0.00cvss epss 0.00

    NetBSD ptrace call on VAX allows local users to gain privileges by modifying the PSL contents in the debugging process.

  • CVE-2000-0092Jan 19, 2000
    risk 0.00cvss epss 0.00

    The BSD make program allows local users to modify files via a symlink attack when the -j option is being used.

  • CVE-1999-0763May 1, 1999
    risk 0.00cvss epss 0.01

    NetBSD on a multi-homed host allows ARP packets on one network to modify ARP entries on another connected network.

  • CVE-1999-0764May 1, 1999
    risk 0.00cvss epss 0.01

    NetBSD allows ARP packets to overwrite static ARP entries.

Page 8 of 9