Filtered by vendor Netbsd
Subscriptions
Total
180 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2001-0033 | 2 Kth, Netbsd | 2 Kth Kerberos, Netbsd | 2025-04-03 | N/A |
| KTH Kerberos IV allows local users to change the configuration of a Kerberos server running at an elevated privilege by specifying an alternate directory using with the KRBCONFDIR environmental variable, which allows the user to gain additional privileges. | ||||
| CVE-2001-0053 | 3 David Madore, Netbsd, Openbsd | 3 Ftpd-bsd, Netbsd, Openbsd | 2025-04-03 | N/A |
| One-byte buffer overflow in replydirname function in BSD-based ftpd allows remote attackers to gain root privileges. | ||||
| CVE-2001-0247 | 5 Freebsd, Mit, Netbsd and 2 more | 5 Freebsd, Kerberos 5, Netbsd and 2 more | 2025-04-03 | N/A |
| Buffer overflows in BSD-based FTP servers allows remote attackers to execute arbitrary commands via a long pattern string containing a {} sequence, as seen in (1) g_opendir, (2) g_lstat, (3) g_stat, and (4) the glob0 buffer as used in the glob functions glob2 and glob3. | ||||
| CVE-2001-0670 | 5 Bsd, Freebsd, Netbsd and 2 more | 5 Bsd, Freebsd, Netbsd and 2 more | 2025-04-03 | N/A |
| Buffer overflow in BSD line printer daemon (in.lpd or lpd) in various BSD-based operating systems allows remote attackers to execute arbitrary code via an incomplete print job followed by a request to display the printer queue. | ||||
| CVE-2001-0710 | 2 Freebsd, Netbsd | 2 Freebsd, Netbsd | 2025-04-03 | N/A |
| NetBSD 1.5 and earlier and FreeBSD 4.3 and earlier allows a remote attacker to cause a denial of service by sending a large number of IP fragments to the machine, exhausting the mbuf pool. | ||||
| CVE-2001-0734 | 1 Netbsd | 1 Netbsd | 2025-04-03 | N/A |
| Hitachi Super-H architecture in NetBSD 1.5 and 1.4.1 allows a local user to gain privileges via modified Status Register contents, which are not properly handled by (1) the sigreturn system call or (2) the process_write_regs kernel routine. | ||||
| CVE-2001-0993 | 1 Netbsd | 1 Netbsd | 2025-04-03 | N/A |
| sendmsg function in NetBSD 1.3 through 1.5 allows local users to cause a denial of service (kernel trap or panic) via a msghdr structure with a large msg_controllen length. | ||||
| CVE-2001-1091 | 1 Netbsd | 1 Netbsd | 2025-04-03 | N/A |
| The (1) dump and (2) dump_lfs commands in NetBSD 1.4.x through 1.5.1 do not properly drop privileges, which could allow local users to gain privileges via the RCMD_CMD environment variable. | ||||
| CVE-2001-1145 | 3 Freebsd, Netbsd, Openbsd | 3 Freebsd, Netbsd, Openbsd | 2025-04-03 | N/A |
| fts routines in FreeBSD 4.3 and earlier, NetBSD before 1.5.2, and OpenBSD 2.9 and earlier can be forced to change (chdir) into a different directory than intended when the directory above the current directory is moved, which could cause scripts to perform dangerous actions on the wrong directories. | ||||
| CVE-2002-0381 | 3 Freebsd, Netbsd, Openbsd | 3 Freebsd, Netbsd, Openbsd | 2025-04-03 | N/A |
| The TCP implementation in various BSD operating systems (tcp_input.c) does not properly block connections to broadcast addresses, which could allow remote attackers to bypass intended filters via packets with a unicast link layer address and an IP broadcast address. | ||||
| CVE-2002-1194 | 1 Netbsd | 1 Netbsd | 2025-04-03 | N/A |
| Buffer overflow in talkd on NetBSD 1.6 and earlier, and possibly other operating systems, may allow remote attackers to execute arbitrary code via a long inbound message. | ||||
| CVE-2002-1543 | 1 Netbsd | 1 Netbsd | 2025-04-03 | N/A |
| Buffer overflow in trek on NetBSD 1.5 through 1.5.3 allows local users to gain privileges via long keyboard input. | ||||
| CVE-2002-2245 | 1 Netbsd | 1 Ftpd | 2025-04-03 | N/A |
| ftpd in NetBSD 1.5 through 1.5.3 and 1.6 does not properly quote a digit in response to a STAT command for a filename that contains a carriage return followed by a digit, which can cause firewalls and other intermediary devices to lose proper track of the FTP session. | ||||
| CVE-2003-0102 | 3 File, Netbsd, Redhat | 4 File, Netbsd, Enterprise Linux and 1 more | 2025-04-03 | N/A |
| Buffer overflow in tryelf() in readelf.c of the file command allows attackers to execute arbitrary code as the user running file, possibly via a large entity size value in an ELF header (elfhdr.e_shentsize). | ||||
| CVE-1999-1518 | 2 Freebsd, Netbsd | 2 Freebsd, Netbsd | 2025-04-03 | N/A |
| Operating systems with shared memory implementations based on BSD 4.4 code allow a user to conduct a denial of service and bypass memory limits (e.g., as specified with rlimits) using mmap or shmget to allocate memory and cause page faults. | ||||
| CVE-2003-1289 | 2 Freebsd, Netbsd | 2 Freebsd, Netbsd | 2025-04-03 | N/A |
| The iBCS2 system call translator for statfs in NetBSD 1.5 through 1.5.3 and FreeBSD 4 up to 4.8-RELEASE-p2 and 5 up to 5.1-RELEASE-p1 allows local users to read portions of kernel memory (memory disclosure) via a large length parameter, which copies additional kernel memory into userland memory. | ||||
| CVE-2004-0257 | 2 Netbsd, Openbsd | 2 Netbsd, Openbsd | 2025-04-03 | N/A |
| OpenBSD 3.4 and NetBSD 1.6 and 1.6.1 allow remote attackers to cause a denial of service (crash) by sending an IPv6 packet with a small MTU to a listening port and then issuing a TCP connect to that port. | ||||
| CVE-2004-1323 | 1 Netbsd | 1 Netbsd | 2025-04-03 | N/A |
| Multiple syscalls in the compat subsystem for NetBSD before 2.0 allow local users to cause a denial of service (kernel crash) via a large signal number to (1) xxx_sys_kill, (2) xxx_sys_sigaction, and possibly other translation functions. | ||||
| CVE-2004-1374 | 1 Netbsd | 1 Netbsd | 2025-04-03 | N/A |
| Multiple buffer overflows in NetBSD kernel may allow local users to execute arbitrary code and gain privileges. | ||||
| CVE-2005-4691 | 1 Netbsd | 1 Netbsd | 2025-04-03 | N/A |
| imake in NetBSD before 2.0.3, NetBSD-current before 12 September 2005, certain versions of X.Org, and certain versions of XFree86 allows local users to overwrite arbitrary files via a symlink attack on the temporary file for the file.0 target, which is used for a pre-formatted manual page. | ||||