CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Netbsd : Security Vulnerabilities (CVSS score between 2 and 2.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2007-3654 20 DoS 2007-09-17 2008-11-15
2.1
None Local Low Not required None None Partial
The display driver allocattr functions in NetBSD 3.0 through 4.0_BETA2, and NetBSD-current before 20070728, allow local users to cause a denial of service (panic) via a (1) negative or (2) large value in an ioctl call, as demonstrated by the vga_allocattr function.
2 CVE-2006-6657 2006-12-19 2008-09-05
2.1
None Local Low Not required Partial None None
The if_clone_list function in NetBSD-current before 20061027, NetBSD 3.0 and 3.0.1 before 20061027, and NetBSD 2.x before 20061119 allows local users to read potentially sensitive, uninitialized stack memory via unspecified vectors.
3 CVE-2006-6656 +Info 2006-12-19 2008-09-05
2.1
None Local Low Not required Partial None None
Unspecified vulnerability in ptrace in NetBSD-current before 20061027, NetBSD 3.0 and 3.0.1 before 20061027, and NetBSD 2.x before 20061119 allows local users to read kernel memory and obtain sensitive information via certain manipulations of a PT_LWPINFO request, which leads to a memory leak and information leak.
4 CVE-2006-6013 Overflow 2006-11-21 2008-09-05
2.1
None Local Low Not required Partial None None
Integer signedness error in the fw_ioctl (FW_IOCTL) function in the FireWire (IEEE-1394) drivers (dev/firewire/fwdev.c) in various BSD kernels, including DragonFlyBSD, FreeBSD 5.5, MidnightBSD 0.1-CURRENT before 20061115, NetBSD-current before 20061116, NetBSD-4 before 20061203, and TrustedBSD, allows local users to read arbitrary memory contents via certain negative values of crom_buf->len in an FW_GCROM command. NOTE: this issue has been labeled as an integer overflow, but it is more like an integer signedness error.
5 CVE-2006-5215 2006-10-10 2008-09-05
2.6
None Local High Not required Partial Partial None
The Xsession script, as used by X Display Manager (xdm) in NetBSD before 20060212, X.Org before 20060317, and Solaris 8 through 10 before 20061006, allows local users to overwrite arbitrary files, or read another user's Xsession errors file, via a symlink attack on a /tmp/xses-$USER file.
6 CVE-2006-2205 DoS 2006-05-05 2013-09-05
2.1
None Local Low Not required None None Partial
The audio_write function in NetBSD 3.0 allows local users to cause a denial of service (kernel crash) by using the audiosetinfo ioctl to change the sample rate of an audio device.
7 CVE-2006-1833 2006-04-19 2008-09-05
2.6
None Remote High Not required Partial None None
Intel RNG Driver in NetBSD 1.6 through 3.0 may incorrectly detect the presence of the pchb interface, which will cause it to always generate the same random number, which allows remote attackers to more easily crack encryption keys generated from the interface.
8 CVE-2006-1814 DoS 2006-04-18 2008-09-05
2.1
None Local Low Not required None None Partial
NetBSD 1.6, 2.0, 2.1 and 3.0 allows local users to cause a denial of service (memory exhaustion) by using the sysctl system call to lock a large buffer into physical memory.
9 CVE-2006-1588 2006-04-03 2008-09-05
2.1
None Local Low Not required Partial None None
The bridge ioctl (if_bridge code) in NetBSD 1.6 through 3.0 does not clear sensitive memory before copying ioctl results to the requesting process, which allows local users to obtain portions of kernel memory.
10 CVE-2006-1587 2006-04-03 2008-09-05
2.1
None Local Low Not required Partial None None
NetBSD 1.6 up to 3.0, when a user has "set record" in .mailrc with the default umask set, creates the record file with 0644 permissions, which allows local users to read the record file.
11 CVE-2005-4783 2005-12-31 2008-09-05
2.1
None Local Low Not required Partial None None
kernfs_xread in kernfs_vnops.c in NetBSD before 20050831 does not check for a negative offset when reading the message buffer, which allows local users to read arbitrary kernel memory.
12 CVE-2005-4691 2005-12-31 2008-09-05
2.1
None Local Low Not required None Partial None
imake in NetBSD before 2.0.3, NetBSD-current before 12 September 2005, certain versions of X.Org, and certain versions of XFree86 allows local users to overwrite arbitrary files via a symlink attack on the temporary file for the file.0 target, which is used for a pre-formatted manual page.
13 CVE-2005-4352 Bypass 2005-12-31 2008-09-05
2.1
None Local Low Not required None Partial None
The securelevels implementation in NetBSD 2.1 and earlier, and Linux 2.6.15 and earlier, allows local users to bypass time setting restrictions and set the clock backwards by setting the clock ahead to the maximum unixtime value (19 Jan 2038), which then wraps around to the minimum value (13 Dec 1901), which can then be set ahead to the desired time, aka "settimeofday() time wrap."
14 CVE-2005-2134 DoS 2005-07-05 2008-09-10
2.1
None Local Low Not required None None Partial
The (1) clcs and (2) emuxki drivers in NetBSD 1.6 through 2.0.2 allow local users to cause a denial of service (kernel crash) by using the set-parameters ioctl on an audio device to change the block size and set the pause state to "unpaused" in the same ioctl, which causes a divide-by-zero error.
15 CVE-2004-1323 DoS 2004-12-16 2008-09-05
2.1
None Local Low Not required None None Partial
Multiple syscalls in the compat subsystem for NetBSD before 2.0 allow local users to cause a denial of service (kernel crash) via a large signal number to (1) xxx_sys_kill, (2) xxx_sys_sigaction, and possibly other translation functions.
16 CVE-2003-1289 2003-12-31 2008-09-05
2.1
None Local Low Not required Partial None None
The iBCS2 system call translator for statfs in NetBSD 1.5 through 1.5.3 and FreeBSD 4 up to 4.8-RELEASE-p2 and 5 up to 5.1-RELEASE-p1 allows local users to read portions of kernel memory (memory disclosure) via a large length parameter, which copies additional kernel memory into userland memory.
17 CVE-2002-1915 DoS 2002-12-31 2008-09-05
2.1
None Local Low Not required None None Partial
tip on multiple BSD-based operating systems allows local users to cause a denial of service (execution prevention) by using flock() to lock the /var/log/acculog file.
18 CVE-2002-1490 DoS Overflow 2003-04-02 2008-09-05
2.1
None Local Low Not required None None Partial
NetBSD 1.4 through 1.6 beta allows local users to cause a denial of service (kernel panic) via a series of calls to the TIOCSCTTY ioctl, which causes an integer overflow in a structure counter and sets the counter to zero, which frees memory that is still in use by other processes.
19 CVE-2001-0993 DoS 2001-07-24 2008-09-05
2.1
None Local Low Not required None None Partial
sendmsg function in NetBSD 1.3 through 1.5 allows local users to cause a denial of service (kernel trap or panic) via a msghdr structure with a large msg_controllen length.
20 CVE-2000-0489 DoS 1999-09-05 2008-09-10
2.1
None Local Low Not required None None Partial
FreeBSD, NetBSD, and OpenBSD allow an attacker to cause a denial of service by creating a large number of socket pairs using the socketpair function, setting a large buffer size via setsockopt, then writing large buffers.
21 CVE-2000-0462 2000-05-28 2008-09-10
2.1
None Local Low Not required Partial None None
ftpd in NetBSD 1.4.2 does not properly parse entries in /etc/ftpchroot and does not chroot the specified users, which allows those users to access other files outside of their home directory.
22 CVE-2000-0461 DoS 2000-05-29 2008-09-10
2.1
None Local Low Not required None None Partial
The undocumented semconfig system call in BSD freezes the state of semaphores, which allows local users to cause a denial of service of the semaphore system by using the semconfig call.
23 CVE-2000-0456 DoS 2000-05-28 2008-09-10
2.1
None Local Low Not required None None Partial
NetBSD 1.4.2 and earlier allows local users to cause a denial of service by repeatedly running certain system calls in the kernel which do not yield the CPU, aka "cpu-hog".
24 CVE-1999-1409 1998-07-03 2008-09-10
2.1
None Local Low Not required Partial None None
The at program in IRIX 6.2 and NetBSD 1.3.2 and earlier allows local users to read portions of arbitrary files by submitting the file to at with the -f argument, which generates error messages that at sends to the user via e-mail.
25 CVE-1999-1214 255 DoS 1997-09-15 2011-03-10
2.1
None Local Low Not required None None Partial
The asynchronous I/O facility in 4.4 BSD kernel does not check user credentials when setting the recipient of I/O notification, which allows local users to cause a denial of service by using certain ioctl and fcntl calls to cause the signal to be sent to an arbitrary process ID.
26 CVE-1999-0446 DoS 1999-04-12 2008-09-09
2.1
None Local Low Not required None None Partial
Local users can perform a denial of service in NetBSD 1.3.3 and earlier versions by creating an unusual symbolic link with the ln command, triggering a bug in VFS.
27 CVE-1999-0396 DoS 1999-02-17 2008-09-09
2.6
None Remote High Not required None None Partial
A race condition between the select() and accept() calls in NetBSD TCP servers allows remote attackers to cause a denial of service.
28 CVE-1999-0367 1999-02-09 2008-09-09
2.1
None Local Low Not required Partial None None
NetBSD netstat command allows local users to access kernel memory.
Total number of vulnerabilities : 28   Page : 1 (This Page)
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.