Total
176 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-1490 | 1 Netbsd | 1 Netbsd | 2025-04-03 | 2.1 LOW | N/A |
|
NetBSD 1.4 through 1.6 beta allows local users to cause a denial of service (kernel panic) via a series of calls to the TIOCSCTTY ioctl, which causes an integer overflow in a structure counter and sets the counter to zero, which frees memory that is still in use by other processes.
|
|||||
| CVE-2001-0734 | 1 Netbsd | 1 Netbsd | 2025-04-03 | 7.2 HIGH | N/A |
|
Hitachi Super-H architecture in NetBSD 1.5 and 1.4.1 allows a local user to gain privileges via modified Status Register contents, which are not properly handled by (1) the sigreturn system call or (2) the process_write_regs kernel routine.
|
|||||
| CVE-2006-1588 | 1 Netbsd | 1 Netbsd | 2025-04-03 | 2.1 LOW | N/A |
|
The bridge ioctl (if_bridge code) in NetBSD 1.6 through 3.0 does not clear sensitive memory before copying ioctl results to the requesting process, which allows local users to obtain portions of kernel memory.
|
|||||
| CVE-2003-0001 | 4 Freebsd, Linux, Microsoft and 1 more | 5 Freebsd, Linux Kernel, Windows 2000 and 2 more | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Multiple ethernet Network Interface Card (NIC) device drivers do not pad frames with null bytes, which allows remote attackers to obtain information from previous packets or kernel memory by using malformed packets, as demonstrated by Etherleak.
|
|||||
| CVE-2005-4352 | 2 Linux, Netbsd | 2 Linux Kernel, Netbsd | 2025-04-03 | 2.1 LOW | N/A |
|
The securelevels implementation in NetBSD 2.1 and earlier, and Linux 2.6.15 and earlier, allows local users to bypass time setting restrictions and set the clock backwards by setting the clock ahead to the maximum unixtime value (19 Jan 2038), which then wraps around to the minimum value (13 Dec 1901), which can then be set ahead to the desired time, aka "settimeofday() time wrap."
|
|||||
| CVE-1999-0046 | 10 Bsdi, Debian, Digital and 7 more | 10 Bsd Os, Debian Linux, Ultrix and 7 more | 2025-04-03 | 10.0 HIGH | N/A |
|
Buffer overflow of rlogin program using TERM environmental variable.
|
|||||
| CVE-2000-1208 | 4 Immunix, Netbsd, Openbsd and 1 more | 4 Immunix, Netbsd, Openbsd and 1 more | 2025-04-03 | 7.2 HIGH | N/A |
|
Format string vulnerability in startprinting() function of printjob.c in BSD-based lpr lpd package may allow local users to gain privileges via an improper syslog call that uses format strings from the checkremote() call.
|
|||||
| CVE-2002-1543 | 1 Netbsd | 1 Netbsd | 2025-04-03 | 4.6 MEDIUM | N/A |
|
Buffer overflow in trek on NetBSD 1.5 through 1.5.3 allows local users to gain privileges via long keyboard input.
|
|||||
| CVE-2000-0461 | 2 Freebsd, Netbsd | 2 Freebsd, Netbsd | 2025-04-03 | 2.1 LOW | N/A |
|
The undocumented semconfig system call in BSD freezes the state of semaphores, which allows local users to cause a denial of service of the semaphore system by using the semconfig call.
|
|||||
| CVE-2006-1814 | 1 Netbsd | 1 Netbsd | 2025-04-03 | 2.1 LOW | N/A |
|
NetBSD 1.6, 2.0, 2.1 and 3.0 allows local users to cause a denial of service (memory exhaustion) by using the sysctl system call to lock a large buffer into physical memory.
|
|||||
| CVE-2006-0905 | 2 Freebsd, Netbsd | 2 Freebsd, Netbsd | 2025-04-03 | 7.5 HIGH | N/A |
|
A "programming error" in fast_ipsec in FreeBSD 4.8-RELEASE through 6.1-STABLE and NetBSD 2 through 3 does not properly update the sequence number associated with a Security Association, which allows packets to pass sequence number checks and allows remote attackers to capture IPSec packets and conduct replay attacks.
|
|||||
| CVE-2003-0681 | 8 Apple, Gentoo, Hp and 5 more | 14 Mac Os X, Mac Os X Server, Linux and 11 more | 2025-04-03 | 7.5 HIGH | N/A |
|
A "potential buffer overflow in ruleset parsing" for Sendmail 8.12.9, when using the nonstandard rulesets (1) recipient (2), final, or (3) mailer-specific envelope recipients, has unknown consequences.
|
|||||
| CVE-2002-1915 | 3 Freebsd, Netbsd, Openbsd | 3 Freebsd, Netbsd, Openbsd | 2025-04-03 | 2.1 LOW | 5.5 MEDIUM |
|
tip on multiple BSD-based operating systems allows local users to cause a denial of service (execution prevention) by using flock() to lock the /var/log/acculog file.
|
|||||
| CVE-2002-1194 | 1 Netbsd | 1 Netbsd | 2025-04-03 | 7.5 HIGH | N/A |
|
Buffer overflow in talkd on NetBSD 1.6 and earlier, and possibly other operating systems, may allow remote attackers to execute arbitrary code via a long inbound message.
|
|||||
| CVE-1999-0304 | 4 Bsdi, Freebsd, Netbsd and 1 more | 4 Bsd Os, Freebsd, Netbsd and 1 more | 2025-04-03 | 7.2 HIGH | N/A |
|
mmap function in BSD allows local attackers in the kmem group to modify memory through devices.
|
|||||
| CVE-2000-0094 | 1 Netbsd | 1 Netbsd | 2025-04-03 | 7.2 HIGH | N/A |
|
procfs in BSD systems allows local users to gain root privileges by modifying the /proc/pid/mem interface via a modified file descriptor for stderr.
|
|||||
| CVE-2000-0751 | 3 Netbsd, Openbsd, Redhat | 3 Netbsd, Openbsd, Linux | 2025-04-03 | 7.5 HIGH | N/A |
|
mopd (Maintenance Operations Protocol loader daemon) does not properly cleanse user-injected format strings, which allows remote attackers to execute arbitrary commands.
|
|||||
| CVE-1999-0628 | 4 Freebsd, Ibm, Linux and 1 more | 4 Freebsd, Aix, Linux Kernel and 1 more | 2025-04-03 | 5.0 MEDIUM | N/A |
|
The rwho/rwhod service is running, which exposes machine status and user information.
|
|||||
| CVE-2001-0033 | 2 Kth, Netbsd | 2 Kth Kerberos, Netbsd | 2025-04-03 | 7.2 HIGH | N/A |
|
KTH Kerberos IV allows local users to change the configuration of a Kerberos server running at an elevated privilege by specifying an alternate directory using with the KRBCONFDIR environmental variable, which allows the user to gain additional privileges.
|
|||||
| CVE-1999-0015 | 4 Hp, Microsoft, Netbsd and 1 more | 5 Hp-ux, Windows 95, Windows Nt and 2 more | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Teardrop IP denial of service.
|
|||||
| CVE-2006-2205 | 1 Netbsd | 1 Netbsd | 2025-04-03 | 2.1 LOW | N/A |
|
The audio_write function in NetBSD 3.0 allows local users to cause a denial of service (kernel crash) by using the audiosetinfo ioctl to change the sample rate of an audio device.
|
|||||
| CVE-2000-0157 | 1 Netbsd | 1 Netbsd | 2025-04-03 | 7.2 HIGH | N/A |
|
NetBSD ptrace call on VAX allows local users to gain privileges by modifying the PSL contents in the debugging process.
|
|||||
| CVE-2001-0053 | 3 David Madore, Netbsd, Openbsd | 3 Ftpd-bsd, Netbsd, Openbsd | 2025-04-03 | 10.0 HIGH | N/A |
|
One-byte buffer overflow in replydirname function in BSD-based ftpd allows remote attackers to gain root privileges.
|
|||||
| CVE-1999-0466 | 1 Netbsd | 1 Netbsd | 2025-04-03 | 7.2 HIGH | N/A |
|
The SVR4 /dev/wabi special device file in NetBSD 1.3.3 and earlier allows a local user to read or write arbitrary files on the disk associated with that device.
|
|||||
| CVE-2005-2134 | 1 Netbsd | 1 Netbsd | 2025-04-03 | 2.1 LOW | N/A |
|
The (1) clcs and (2) emuxki drivers in NetBSD 1.6 through 2.0.2 allow local users to cause a denial of service (kernel crash) by using the set-parameters ioctl on an audio device to change the block size and set the pause state to "unpaused" in the same ioctl, which causes a divide-by-zero error.
|
|||||
| CVE-2001-0247 | 5 Freebsd, Mit, Netbsd and 2 more | 5 Freebsd, Kerberos 5, Netbsd and 2 more | 2025-04-03 | 10.0 HIGH | N/A |
|
Buffer overflows in BSD-based FTP servers allows remote attackers to execute arbitrary commands via a long pattern string containing a {} sequence, as seen in (1) g_opendir, (2) g_lstat, (3) g_stat, and (4) the glob0 buffer as used in the glob functions glob2 and glob3.
|
|||||
| CVE-1999-0763 | 1 Netbsd | 1 Netbsd | 2025-04-03 | 6.4 MEDIUM | N/A |
|
NetBSD on a multi-homed host allows ARP packets on one network to modify ARP entries on another connected network.
|
|||||
| CVE-1999-1518 | 2 Freebsd, Netbsd | 2 Freebsd, Netbsd | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Operating systems with shared memory implementations based on BSD 4.4 code allow a user to conduct a denial of service and bypass memory limits (e.g., as specified with rlimits) using mmap or shmget to allocate memory and cause page faults.
|
|||||
| CVE-1999-0074 | 4 Freebsd, Linux, Microsoft and 1 more | 4 Freebsd, Linux Kernel, Windows Nt and 1 more | 2025-04-03 | 6.4 MEDIUM | N/A |
|
Listening TCP ports are sequentially allocated, allowing spoofing attacks.
|
|||||
| CVE-2003-0694 | 11 Apple, Compaq, Freebsd and 8 more | 18 Mac Os X, Mac Os X Server, Tru64 and 15 more | 2025-04-03 | 10.0 HIGH | N/A |
|
The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c.
|
|||||
| CVE-1999-0433 | 5 Netbsd, Redhat, Slackware and 2 more | 5 Netbsd, Linux, Slackware Linux and 2 more | 2025-04-03 | 4.6 MEDIUM | N/A |
|
XFree86 startx command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service.
|
|||||
| CVE-2000-0456 | 1 Netbsd | 1 Netbsd | 2025-04-03 | 2.1 LOW | N/A |
|
NetBSD 1.4.2 and earlier allows local users to cause a denial of service by repeatedly running certain system calls in the kernel which do not yield the CPU, aka "cpu-hog".
|
|||||
| CVE-2000-0750 | 3 Netbsd, Openbsd, Redhat | 3 Netbsd, Openbsd, Linux | 2025-04-03 | 7.5 HIGH | N/A |
|
Buffer overflow in mopd (Maintenance Operations Protocol loader daemon) allows remote attackers to execute arbitrary commands via a long file name.
|
|||||
| CVE-2001-1091 | 1 Netbsd | 1 Netbsd | 2025-04-03 | 7.2 HIGH | N/A |
|
The (1) dump and (2) dump_lfs commands in NetBSD 1.4.x through 1.5.1 do not properly drop privileges, which could allow local users to gain privileges via the RCMD_CMD environment variable.
|
|||||
| CVE-2001-0554 | 9 Debian, Freebsd, Ibm and 6 more | 11 Debian Linux, Freebsd, Aix and 8 more | 2025-04-03 | 10.0 HIGH | N/A |
|
Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function.
|
|||||
| CVE-2002-0381 | 3 Freebsd, Netbsd, Openbsd | 3 Freebsd, Netbsd, Openbsd | 2025-04-03 | 5.0 MEDIUM | N/A |
|
The TCP implementation in various BSD operating systems (tcp_input.c) does not properly block connections to broadcast addresses, which could allow remote attackers to bypass intended filters via packets with a unicast link layer address and an IP broadcast address.
|
|||||
| CVE-1999-0016 | 6 Cisco, Gnu, Hp and 3 more | 8 Ios, Inet, Hp-ux and 5 more | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Land IP denial of service.
|
|||||
| CVE-2004-0257 | 2 Netbsd, Openbsd | 2 Netbsd, Openbsd | 2025-04-03 | 5.0 MEDIUM | N/A |
|
OpenBSD 3.4 and NetBSD 1.6 and 1.6.1 allow remote attackers to cause a denial of service (crash) by sending an IPv6 packet with a small MTU to a listening port and then issuing a TCP connect to that port.
|
|||||
| CVE-1999-0434 | 5 Caldera, Debian, Netbsd and 2 more | 5 Openlinux, Debian Linux, Netbsd and 2 more | 2025-04-03 | 7.5 HIGH | N/A |
|
XFree86 xfs command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service.
|
|||||
| CVE-1999-0513 | 7 Digital, Freebsd, Hp and 4 more | 8 Unix, Freebsd, Hp-ux and 5 more | 2025-04-03 | 5.0 MEDIUM | N/A |
|
ICMP messages to broadcast addresses are allowed, allowing for a Smurf attack that can cause a denial of service.
|
|||||