Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Netbsd
(Netbsd)Repositories |
Unknown: This might be proprietary software. |
#Vulnerabilities | 168 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
1999-02-17 | CVE-1999-0396 | A race condition between the select() and accept() calls in NetBSD TCP servers allows remote attackers to cause a denial of service. | Netbsd, Openbsd | N/A | ||
1999-03-17 | CVE-1999-0422 | In some cases, NetBSD 1.3.3 mount allows local users to execute programs in some file systems that have the "noexec" flag set. | Netbsd | N/A | ||
1999-03-21 | CVE-1999-0433 | XFree86 startx command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service. | Netbsd, Linux, Slackware_linux, Suse_linux, X11r6 | N/A | ||
2001-08-14 | CVE-2001-0554 | Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function. | Debian_linux, Freebsd, Aix, Kerberos, Kerberos_5, Netbsd, Linux_netkit, Openbsd, Irix, Solaris, Sunos | N/A | ||
2021-12-25 | CVE-2021-45489 | In NetBSD through 9.2, the IPv6 Flow Label generation algorithm employs a weak cryptographic PRNG. | Netbsd | 7.5 | ||
2020-02-20 | CVE-2012-5363 | The IPv6 implementation in FreeBSD and NetBSD (unknown versions, year 2012 and earlier) allows remote attackers to cause a denial of service via a flood of ICMPv6 Neighbor Solicitation messages, a different vulnerability than CVE-2011-2393. | Freebsd, Netbsd | N/A | ||
2020-02-20 | CVE-2012-5365 | The IPv6 implementation in FreeBSD and NetBSD (unknown versions, year 2012 and earlier) allows remote attackers to cause a denial of service via a flood of ICMPv6 Router Advertisement packets containing multiple Routing entries. | Freebsd, Netbsd | N/A | ||
2001-06-18 | CVE-2001-0247 | Buffer overflows in BSD-based FTP servers allows remote attackers to execute arbitrary commands via a long pattern string containing a {} sequence, as seen in (1) g_opendir, (2) g_lstat, (3) g_stat, and (4) the glob0 buffer as used in the glob functions glob2 and glob3. | Freebsd, Kerberos_5, Netbsd, Openbsd, Irix | N/A | ||
2019-11-27 | CVE-2011-2480 | Information Disclosure vulnerability in the 802.11 stack, as used in FreeBSD before 8.2 and NetBSD when using certain non-x86 architectures. A signedness error in the IEEE80211_IOC_CHANINFO ioctl allows a local unprivileged user to cause the kernel to copy large amounts of kernel memory back to the user, disclosing potentially sensitive information. | Freebsd, Netbsd | N/A | ||
2017-06-19 | CVE-2017-1000378 | The NetBSD qsort() function is recursive, and not randomized, an attacker can construct a pathological input array of N elements that causes qsort() to deterministically recurse N/4 times. This allows attackers to consume arbitrary amounts of stack memory and manipulate stack memory to assist in arbitrary code execution attacks. This affects NetBSD 7.1 and possibly earlier versions. | Netbsd | 9.8 |