NetbsdCVEs & Vulnerabilities

180 CVEs affecting Netbsd products, tracked from the National Vulnerability Database, with CVSS/EPSS scores and exploitation status.

Most Affected Products

netbsd 787ftpd 6tnftpd 2netbsd current 1umapfs 1
CVE-2000-0462LOW

ftpd in NetBSD 1.4.2 does not properly parse entries in /etc/ftpchroot and does not chroot the specified users, which allows those users to access other files outside of their home directory.

28 May 2000
2.1
CVSS
CVE-2000-0440MEDIUMpoc

NetBSD 1.4.2 and earlier allows remote attackers to cause a denial of service by sending a packet with an unaligned IP timestamp option.

1 May 2000
5.0
CVSS
CVE-2000-0094HIGHpoc

procfs in BSD systems allows local users to gain root privileges by modifying the /proc/pid/mem interface via a modified file descriptor for stderr.

16 Feb 2000
7.2
CVSS
CVE-2000-0157HIGH

NetBSD ptrace call on VAX allows local users to gain privileges by modifying the PSL contents in the debugging process.

1 Feb 2000
7.2
CVSS
CVE-2000-0092MEDIUM

The BSD make program allows local users to modify files via a symlink attack when the -j option is being used.

19 Jan 2000
6.2
CVSS
CVE-2000-0489LOWpoc

FreeBSD, NetBSD, and OpenBSD allow an attacker to cause a denial of service by creating a large number of socket pairs using the socketpair function, setting a large buffer size via setsockopt, then writing large buffers.

5 Sep 1999
2.1
CVSS
CVE-1999-0674HIGHpoc

The BSD profil system call allows a local user to modify the internal data space of a program via profiling and execve.

9 Aug 1999
7.2
CVSS
CVE-1999-1518MEDIUMpoc

Operating systems with shared memory implementations based on BSD 4.4 code allow a user to conduct a denial of service and bypass memory limits (e.g., as specified with rlimits) using mmap or shmget to allocate memory and cause page faults.

15 Jul 1999
5.0
CVSS
CVE-1999-0763MEDIUM

NetBSD on a multi-homed host allows ARP packets on one network to modify ARP entries on another connected network.

1 May 1999
6.4
CVSS
CVE-1999-0764MEDIUM

NetBSD allows ARP packets to overwrite static ARP entries.

1 May 1999
6.4
CVSS
CVE-1999-0466HIGH

The SVR4 /dev/wabi special device file in NetBSD 1.3.3 and earlier allows a local user to read or write arbitrary files on the disk associated with that device.

21 Apr 1999
7.2
CVSS
CVE-1999-0446LOW

Local users can perform a denial of service in NetBSD 1.3.3 and earlier versions by creating an unusual symbolic link with the ln command, triggering a bug in VFS.

12 Apr 1999
2.1
CVSS
CVE-1999-0434HIGH

XFree86 xfs command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service.

30 Mar 1999
7.5
CVSS
CVE-1999-0433MEDIUMpoc

XFree86 startx command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service.

21 Mar 1999
4.6
CVSS
CVE-1999-0420HIGH

umapfs allows local users to gain root privileges by changing their uid through a malicious mount_umap program.

17 Mar 1999
7.2
CVSS
CVE-1999-0422MEDIUM

In some cases, NetBSD 1.3.3 mount allows local users to execute programs in some file systems that have the "noexec" flag set.

17 Mar 1999
4.6
CVSS
CVE-1999-0396LOW

A race condition between the select() and accept() calls in NetBSD TCP servers allows remote attackers to cause a denial of service.

17 Feb 1999
2.6
CVSS
CVE-1999-0367LOW

NetBSD netstat command allows local users to access kernel memory.

9 Feb 1999
2.1
CVSS
CVE-1999-1409LOWpoc

The at program in IRIX 6.2 and NetBSD 1.3.2 and earlier allows local users to read portions of arbitrary files by submitting the file to at with the -f argument, which generates error messages that at sends to the user via e-mail.

3 Jul 1998
2.1
CVSS
CVE-1999-0303MEDIUM

Buffer overflow in BNU UUCP daemon (uucpd) through long hostnames.

21 May 1998
4.6
CVSS
CVE-1999-0010MEDIUM

Denial of Service vulnerability in BIND 8 Releases via maliciously formatted DNS messages.

8 Apr 1998
5.0
CVSS
CVE-1999-0011MEDIUM

Denial of Service vulnerabilities in BIND 4.9 and BIND 8 Releases via CNAME record and zone transfer.

8 Apr 1998
5.4
CVSS
CVE-1999-0009CRITICALpoc

Inverse query buffer overflow in BIND 4.9 and BIND 8 Releases.

8 Apr 1998
10.0
CVSS
CVE-1999-0323CRITICAL

FreeBSD mmap function allows users to modify append-only or immutable files.

20 Feb 1998
10.0
CVSS
CVE-1999-0304HIGH

mmap function in BSD allows local attackers in the kmem group to modify memory through devices.

1 Feb 1998
7.2
CVSS
CVE-1999-0513MEDIUMpoc

ICMP messages to broadcast addresses are allowed, allowing for a Smurf attack that can cause a denial of service.

5 Jan 1998
5.0
CVSS
CVE-1999-0015MEDIUMpoc

Teardrop IP denial of service.

16 Dec 1997
5.0
CVSS
CVE-1999-0017HIGH

FTP servers can allow an attacker to connect to arbitrary ports on machines other than the FTP client, aka FTP bounce.

10 Dec 1997
7.5
CVSS
CVE-1999-0016MEDIUMpoc

Land IP denial of service.

1 Dec 1997
5.0
CVSS
CVE-1999-1214LOW

The asynchronous I/O facility in 4.4 BSD kernel does not check user credentials when setting the recipient of I/O notification, which allows local users to cause a denial of service by using certain ioctl and fcntl calls to cause the signal to be sent to an arbitrary process ID.

15 Sep 1997
2.1
CVSS
CVE-1999-1225MEDIUM

rpc.mountd on Linux, Ultrix, and possibly other operating systems, allows remote attackers to determine the existence of a file on the server by attempting to mount that file, which generates different error messages depending on whether the file exists or not.

24 Aug 1997
5.0
CVSS
CVE-1999-0074MEDIUM

Listening TCP ports are sequentially allocated, allowing spoofing attacks.

1 Jul 1997
6.4
CVSS
CVE-1999-0628MEDIUM

The rwho/rwhod service is running, which exposes machine status and user information.

1 Jul 1997
5.0
CVSS
CVE-1999-0046CRITICALpoc

Buffer overflow of rlogin program using TERM environmental variable.

6 Feb 1997
10.0
CVSS
CVE-1999-0297HIGH

Buffer overflow in Vixie Cron library up to version 3.0 allows local users to obtain root access via a long environmental variable.

12 Dec 1996
7.2
CVSS
CVE-1999-0085HIGH

Buffer overflow in rwhod on AIX and other operating systems allows remote attackers to execute arbitrary code via a UDP packet with a long hostname.

21 Aug 1996
7.5
CVSS
← PrevPage 4 / 4Next →