70 matches found
CVE-2010-0561
NetBSD kernels (versions 4.0, 5.0, and NetBSD-current before 2010-01-21) are affected by a local denial-of-service vulnerability caused by an integer signedness error in the audio subsystem. Specifically, passing a negative mixer index to azalia_query_devinfo (azalia.c) or hdaudio_afg_query_devin...
CVE-2002-2245
NetBSD ftpd is affected on versions 1.5 through 1.5.3 and 1.6. The issue arises because the FTP server does not properly quote a digit in the response to a STAT command for a filename containing a carriage return followed by a digit, which can cause firewalls and other intermediary devices to los...
CVE-2007-1273
The CVE concerns NetBSD kernels compiled with COMPAT_FREEBSD or COMPAT_DARWIN. Affected are NetBSD-current prior to 20061022, NetBSD 3 and 3-0 prior to 20061024, and NetBSD 2 prior to 20070209. The issue is an integer overflow in the ktruser function, which can allow local users to cause a denial...
CVE-2005-4352
The securelevels implementation in NetBSD 2.1 and earlier, and Linux 2.6.15 and earlier, allows local users to bypass time setting restrictions and set the clock backwards by setting the clock ahead to the maximum unixtime value 19 Jan 2038, which then wraps around to the minimum value 13 Dec 190...
CVE-2004-2012
The systraceexit function in the systrace utility for NetBSD-current and 2.0 before April 16, 2004, and certain FreeBSD ports, does not verify the owner of the /dec/systrace connection before setting euid to 0, which allows local users to gain root privileges...
CVE-2004-0257
OpenBSD 3.4 and NetBSD 1.6 and 1.6.1 allow remote attackers to cause a denial of service crash by sending an IPv6 packet with a small MTU to a listening port and then issuing a TCP connect to that port...
CVE-2004-0114
The shmat system call in the System V Shared Memory interface for FreeBSD 5.2 and earlier, NetBSD 1.3 and earlier, and OpenBSD 2.6 and earlier, does not properly decrement a shared memory segment's reference count when the vmmapfind function fails, which could allow local users to gain read or...
TCP RST packets spoofing
By sending spoofed RST it's possible to terminate established TCP connection. unlike TPC hijacking attacks there is no need for exact TCP sequence number, and number can be any number from handshaked TCP window. It significantly increases attack efficiency. In NetBSD sequence number for RST is no...
[PINE-CERT-20040201] reference count overflow in shmat()
------------------------------------------------------------------------------- Pine Digital Security Advisory ------------------------------------------------------------------------------- Advisory ID : PINE-CERT-20040201 CAN-2004-0114 Authors : Joost Pol Vendor Informed : 2004-02-01 Issue date...
CVE-2003-0653
The OSI networking kernel sys/netiso in NetBSD 1.6.1 and earlier does not use a BSD-required "PKTHDR" mbuf when sending certain error responses to the sender of an OSI packet, which allows remote attackers to cause a denial of service kernel panic or crash via certain OSI packets...
CVE-2001-1145
fts routines in FreeBSD 4.3 and earlier, NetBSD before 1.5.2, and OpenBSD 2.9 and earlier can be forced to change chdir into a different directory than intended when the directory above the current directory is moved, which could cause scripts to perform dangerous actions on the wrong directories...
CVE-2001-1091
The 1 dump and 2 dumplfs commands in NetBSD 1.4.x through 1.5.1 do not properly drop privileges, which could allow local users to gain privileges via the RCMDCMD environment variable...
CVE-2001-0710
NetBSD 1.5 and earlier and FreeBSD 4.3 and earlier allows a remote attacker to cause a denial of service by sending a large number of IP fragments to the machine, exhausting the mbuf pool...
CVE-2001-1091
The 1 dump and 2 dumplfs commands in NetBSD 1.4.x through 1.5.1 do not properly drop privileges, which could allow local users to gain privileges via the RCMDCMD environment variable...
CVE-2001-0993
sendmsg function in NetBSD 1.3 through 1.5 allows local users to cause a denial of service kernel trap or panic via a msghdr structure with a large msgcontrollen length...
Дырка в NetBSD на процессорах Hitachi (privelege escalation)
Недостаточная проверка ввода пользователя в нескольких системных вазовах...
CVE-2000-0952
global.cgi CGI program in Global 3.55 and earlier on NetBSD allows remote attackers to execute arbitrary commands via shell metacharacters...
CVE-2000-0489
FreeBSD, NetBSD, and OpenBSD allow an attacker to cause a denial of service by creating a large number of socket pairs using the socketpair function, setting a large buffer size via setsockopt, then writing large buffers...
CVE-2000-0440
NetBSD 1.4.2 and earlier allows remote attackers to cause a denial of service by sending a packet with an unaligned IP timestamp option...
FreeBSD 3.x4.05.0 NetBSD 1.4.11.4.2 OpenBSD 2.x - Denial of Service
FreeBSD 3.x4.05.0 NetBSD 1.4.11.4.2 OpenBSD 2.x - Denial of Service // source: https://www.securityfocus.com/bid/1296/info A denial of service attack exists that affects FreeBSD, NetBSD and OpenBSD. It is believed that all versions of these operating systems are vulnerable. The vulnerability is...