Filtered by vendor Netbsd
Subscribe
Total
179 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2006-0145 | 1 Netbsd | 1 Netbsd | 2024-02-04 | 4.6 MEDIUM | N/A |
The kernfs_xread function in kernfs in NetBSD 1.6 through 2.1, and OpenBSD 3.8, does not properly validate file offsets against negative 32-bit values that occur as a result of truncation, which allows local users to read arbitrary kernel memory and gain privileges via the lseek system call. | |||||
CVE-2005-4783 | 1 Netbsd | 1 Netbsd | 2024-02-04 | 2.1 LOW | N/A |
kernfs_xread in kernfs_vnops.c in NetBSD before 20050831 does not check for a negative offset when reading the message buffer, which allows local users to read arbitrary kernel memory. | |||||
CVE-2006-2205 | 1 Netbsd | 1 Netbsd | 2024-02-04 | 2.1 LOW | N/A |
The audio_write function in NetBSD 3.0 allows local users to cause a denial of service (kernel crash) by using the audiosetinfo ioctl to change the sample rate of an audio device. | |||||
CVE-2006-3202 | 1 Netbsd | 1 Netbsd | 2024-02-04 | 4.9 MEDIUM | N/A |
The ip6_savecontrol function in NetBSD 2.0 through 3.0, under certain configurations, does not check to see if IPv4-mapped sockets are being used before processing IPv6 socket options, which allows local users to cause a denial of service (crash) by creating an IPv4-mapped IPv6 socket with the SO_TIMESTAMP socket option set, then sending an IPv4 packet through the socket. | |||||
CVE-2006-1797 | 1 Netbsd | 1 Netbsd | 2024-02-04 | 4.9 MEDIUM | N/A |
The kernel in NetBSD-current before September 28, 2005 allows local users to cause a denial of service (system crash) by using the SIOCGIFALIAS ioctl to gather information on a non-existent alias of a network interface, which causes a NULL pointer dereference. | |||||
CVE-2005-4776 | 1 Netbsd | 1 Netbsd | 2024-02-04 | 7.2 HIGH | N/A |
Integer overflow in the FreeBSD compatibility code (freebsd_misc.c) in NetBSD-current, NetBSD-3, NetBSD-2.0, and NetBSD-2 before 20050913; and NetBSD-1.6 before 20050914; allows local users to cause a denial of service (heap corruption or system crash) and possibly gain root privileges. | |||||
CVE-2005-4733 | 1 Netbsd | 1 Netbsd | 2024-02-04 | 4.9 MEDIUM | N/A |
NetBSD 2.0 before 20050316 and NetBSD-current before 20050112 allow local users to cause a denial of service (infinite loop and system hang) by calling the F_CLOSEM fcntl with a parameter value of 0. | |||||
CVE-2006-0905 | 2 Freebsd, Netbsd | 2 Freebsd, Netbsd | 2024-02-04 | 7.5 HIGH | N/A |
A "programming error" in fast_ipsec in FreeBSD 4.8-RELEASE through 6.1-STABLE and NetBSD 2 through 3 does not properly update the sequence number associated with a Security Association, which allows packets to pass sequence number checks and allows remote attackers to capture IPSec packets and conduct replay attacks. | |||||
CVE-2005-4352 | 2 Linux, Netbsd | 2 Linux Kernel, Netbsd | 2024-02-04 | 2.1 LOW | N/A |
The securelevels implementation in NetBSD 2.1 and earlier, and Linux 2.6.15 and earlier, allows local users to bypass time setting restrictions and set the clock backwards by setting the clock ahead to the maximum unixtime value (19 Jan 2038), which then wraps around to the minimum value (13 Dec 1901), which can then be set ahead to the desired time, aka "settimeofday() time wrap." | |||||
CVE-2005-4741 | 1 Netbsd | 1 Netbsd | 2024-02-04 | 7.5 HIGH | N/A |
NetBSD 1.6, NetBSD 2.0 through 2.1, and NetBSD-current before 20051031 allows local users to gain privileges by attaching a debugger to a setuid/setgid (P_SUGID) process that performs an exec without a reset of real credentials. | |||||
CVE-2005-2134 | 1 Netbsd | 1 Netbsd | 2024-02-04 | 2.1 LOW | N/A |
The (1) clcs and (2) emuxki drivers in NetBSD 1.6 through 2.0.2 allow local users to cause a denial of service (kernel crash) by using the set-parameters ioctl on an audio device to change the block size and set the pause state to "unpaused" in the same ioctl, which causes a divide-by-zero error. | |||||
CVE-2006-1589 | 1 Netbsd | 1 Netbsd | 2024-02-04 | 4.9 MEDIUM | N/A |
The elf_load_file function in NetBSD 2.0 through 3.0 allows local users to cause a denial of service (kernel crash) via an ELF interpreter that does not have a PT_LOAD section in its header, which triggers a null dereference. | |||||
CVE-2006-1587 | 1 Netbsd | 1 Netbsd | 2024-02-04 | 2.1 LOW | N/A |
NetBSD 1.6 up to 3.0, when a user has "set record" in .mailrc with the default umask set, creates the record file with 0644 permissions, which allows local users to read the record file. | |||||
CVE-2006-1833 | 1 Netbsd | 1 Netbsd | 2024-02-04 | 2.6 LOW | N/A |
Intel RNG Driver in NetBSD 1.6 through 3.0 may incorrectly detect the presence of the pchb interface, which will cause it to always generate the same random number, which allows remote attackers to more easily crack encryption keys generated from the interface. | |||||
CVE-2005-4782 | 1 Netbsd | 1 Netbsd | 2024-02-04 | 4.9 MEDIUM | N/A |
NetBSD 2.0 before 2.0.4, 2.1 before 2.1.1, and 3, when the kernel is compiled with "options DIAGNOSTIC," allows local users to cause a denial of service (kernel assertion panic) via a negative linger time in the SO_LINGER socket option. | |||||
CVE-2006-1814 | 1 Netbsd | 1 Netbsd | 2024-02-04 | 2.1 LOW | N/A |
NetBSD 1.6, 2.0, 2.1 and 3.0 allows local users to cause a denial of service (memory exhaustion) by using the sysctl system call to lock a large buffer into physical memory. | |||||
CVE-1999-0304 | 4 Bsdi, Freebsd, Netbsd and 1 more | 4 Bsd Os, Freebsd, Netbsd and 1 more | 2024-02-04 | 7.2 HIGH | N/A |
mmap function in BSD allows local attackers in the kmem group to modify memory through devices. | |||||
CVE-2001-1145 | 3 Freebsd, Netbsd, Openbsd | 3 Freebsd, Netbsd, Openbsd | 2024-02-04 | 6.2 MEDIUM | N/A |
fts routines in FreeBSD 4.3 and earlier, NetBSD before 1.5.2, and OpenBSD 2.9 and earlier can be forced to change (chdir) into a different directory than intended when the directory above the current directory is moved, which could cause scripts to perform dangerous actions on the wrong directories. | |||||
CVE-2000-0997 | 2 Netbsd, Openbsd | 2 Netbsd, Openbsd | 2024-02-04 | 7.2 HIGH | N/A |
Format string vulnerabilities in eeprom program in OpenBSD, NetBSD, and possibly other operating systems allows local attackers to gain root privileges. | |||||
CVE-2004-0257 | 2 Netbsd, Openbsd | 2 Netbsd, Openbsd | 2024-02-04 | 5.0 MEDIUM | N/A |
OpenBSD 3.4 and NetBSD 1.6 and 1.6.1 allow remote attackers to cause a denial of service (crash) by sending an IPv6 packet with a small MTU to a listening port and then issuing a TCP connect to that port. |