netbsd-netstat.txt

17 Aug 1999 00:00:00 · Reported by Packet Storm · Type: packetstorm · packetstormsecurity.com

NetBSD Security Advisory 1999-002: a netstat issue lets non-root users access all kernel memory.

Code
`Date: Tue, 9 Feb 1999 17:15:23 +1100  
From: matthew green <[email protected]>  
To: [email protected]  
Subject: NetBSD Security Advisory 1999-002  
  
-----BEGIN PGP SIGNED MESSAGE-----  
  
NetBSD Security Advisory 1999-002  
=================================  
  
Topic: Security problem with netstat  
Version: NetBSD-current from 19980603 to 19990208.  
Severity: Local users are able to read any kernel memory  
location.  
  
  
Abstract  
========  
  
In the version of netstat between the two dates above, a security hole  
exists which will allow non-root users to examine any kernel memory  
location.  
  
  
Technical Details  
=================  
  
The code which was added to allow printing of kernel protocol control  
blocks does not have strict checks to make certain the memory being  
displayed is a protocol control block. Also, since the block contains  
information like TCP sequence numbers, users should generally not be  
allowed to examine these blocks.  
  
Solutions and Workarounds  
=========================  
  
NetBSD-current users should update to a source tree newer than  
19990208, or apply this patch and rebuild netstat:  
  
ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/patches/19990208-netstat  
  
  
If this action cannot be taken easily, netstat can be disabled for  
non-root users.  
  
chmod 555 /usr/bin/netstat  
  
  
Thanks To  
=========  
  
Thanks go to Michael Graff <[email protected]> and Charles Hannum  
<[email protected]> for the discovery and resolution of this bug.  
  
  
More Information  
================  
  
Information about NetBSD and NetBSD security can be found at  
http://www.NetBSD.ORG/ and http://www.NetBSD.ORG/Security/.  
  
  
Copyright 1999, The NetBSD Foundation, Inc. All Rights Reserved.  
  
$NetBSD: NetBSD-SA1999-002.txt,v 1.2 1999/02/09 01:27:27 mrg Exp $  
  
-----BEGIN PGP SIGNATURE-----  
Version: 2.6.3ia  
Charset: noconv  
  
iQCVAwUBNr/O/T5Ru2/4N2IFAQHoEQQAm9tgcL/9FCCrt+aNUe0oPIgZjlL0w93w  
qGMo9JeeVx3YdHh9lPo1YH1ra9Jeb5SDVY3d0CJo+hHE5cudKCsMHFj1oKpDr9ZS  
u9TAk6P8e5FKCUemcLrsYWIo0n+hk8xKyTtXEgjzbDRxJp2VtemiG1hR2Q6yTIex  
8dWtyKTd9fI=  
=6eFn  
-----END PGP SIGNATURE-----  
  
`
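To confirm the `chmod 555` workaround took effect, the following added example (not part of the advisory or of NetBSD's own tooling) reports whether a binary still carries set-id bits. It assumes netstat was installed setgid to a group that can read kernel memory, as BSD netstat traditionally was; the advisory does not state the installed mode, and the function names and the stand-in file are hypothetical.

```shell
#!/bin/sh
# Added example: check whether a binary still has set-id bits after the
# advisory's "chmod 555" workaround.
# Assumption (not stated in the advisory): netstat is installed setgid,
# e.g. mode 2555, so a numeric mode with no leading 2 drops that privilege.

# Print "both", "setuid", "setgid", "clear" or "missing" for the file in $1.
setid_state() {
    [ -e "$1" ] || { echo missing; return 0; }
    if [ -u "$1" ] && [ -g "$1" ]; then
        echo both
    elif [ -u "$1" ]; then
        echo setuid
    elif [ -g "$1" ]; then
        echo setgid
    else
        echo clear
    fi
}

# Reproduce the workaround on a constructed stand-in file so the check can be
# exercised without touching the real /usr/bin/netstat.
# Prints the state before and after "chmod 555", separated by a space.
workaround_demo() {
    d=$(mktemp -d) || return 1
    bin=$d/netstat-standin          # constructed sample, not a real binary
    : > "$bin"
    chgrp "$(id -g)" "$bin"         # owner must be in the group to keep g+s
    chmod 2555 "$bin"               # assumed pre-workaround mode (setgid)
    before=$(setid_state "$bin")
    chmod 555 "$bin"                # the advisory's workaround
    after=$(setid_state "$bin")
    rm -rf "$d"
    echo "$before $after"
}

# When run with a path argument, audit that file, e.g.:
#   sh check.sh /usr/bin/netstat
if [ "$#" -gt 0 ]; then
    printf '%s: %s\n' "$1" "$(setid_state "$1")"
fi
```

A result of `clear` for `/usr/bin/netstat` means the binary runs with only the caller's own privileges.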
