VYPR

NetBSD

by NetBSD

Source repositories

CVEs (176)

  • CVE-1999-0466Apr 21, 1999
    risk 0.00cvss epss 0.00

    The SVR4 /dev/wabi special device file in NetBSD 1.3.3 and earlier allows a local user to read or write arbitrary files on the disk associated with that device.

  • CVE-1999-0446Apr 12, 1999
    risk 0.00cvss epss 0.00

    Local users can perform a denial of service in NetBSD 1.3.3 and earlier versions by creating an unusual symbolic link with the ln command, triggering a bug in VFS.

  • CVE-1999-0434Mar 30, 1999
    risk 0.00cvss epss 0.01

    XFree86 xfs command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service.

  • CVE-1999-0422Mar 17, 1999
    risk 0.00cvss epss 0.00

    In some cases, NetBSD 1.3.3 mount allows local users to execute programs in some file systems that have the "noexec" flag set.

  • CVE-1999-0396Feb 17, 1999
    risk 0.00cvss epss 0.01

    A race condition between the select() and accept() calls in NetBSD TCP servers allows remote attackers to cause a denial of service.

  • CVE-1999-0367Feb 9, 1999
    risk 0.00cvss epss 0.00

    NetBSD netstat command allows local users to access kernel memory.

  • CVE-1999-0303May 21, 1998
    risk 0.00cvss epss 0.00

    Buffer overflow in BNU UUCP daemon (uucpd) through long hostnames.

  • CVE-1999-0010Apr 8, 1998
    risk 0.00cvss epss 0.02

    Denial of Service vulnerability in BIND 8 Releases via maliciously formatted DNS messages.

  • CVE-1999-0323Feb 20, 1998
    risk 0.00cvss epss 0.01

    FreeBSD mmap function allows users to modify append-only or immutable files.

  • CVE-1999-0304Feb 1, 1998
    risk 0.00cvss epss 0.00

    mmap function in BSD allows local attackers in the kmem group to modify memory through devices.

  • CVE-1999-0017Dec 10, 1997
    risk 0.00cvss epss 0.02

    FTP servers can allow an attacker to connect to arbitrary ports on machines other than the FTP client, aka FTP bounce.

  • CVE-1999-1214Sep 15, 1997
    risk 0.00cvss epss 0.00

    The asynchronous I/O facility in 4.4 BSD kernel does not check user credentials when setting the recipient of I/O notification, which allows local users to cause a denial of service by using certain ioctl and fcntl calls to cause the signal to be sent to an arbitrary process ID.

  • CVE-1999-1225Aug 24, 1997
    risk 0.00cvss epss 0.02

    rpc.mountd on Linux, Ultrix, and possibly other operating systems, allows remote attackers to determine the existence of a file on the server by attempting to mount that file, which generates different error messages depending on whether the file exists or not.

  • CVE-1999-0628Jul 1, 1997
    risk 0.00cvss epss 0.01

    The rwho/rwhod service is running, which exposes machine status and user information.

  • CVE-1999-0297Dec 12, 1996
    risk 0.00cvss epss 0.00

    Buffer overflow in Vixie Cron library up to version 3.0 allows local users to obtain root access via a long environmental variable.

  • CVE-1999-0085Aug 21, 1996
    risk 0.00cvss epss 0.04

    Buffer overflow in rwhod on AIX and other operating systems allows remote attackers to execute arbitrary code via a UDP packet with a long hostname.

Page 9 of 9