| 2001-09-20 | CVE-2001-0710 | NetBSD 1.5 and earlier and FreeBSD 4.3 and earlier allows a remote attacker to cause a denial of service by sending a large number of IP fragments to the machine, exhausting the mbuf pool. | 5.0 |
| 2001-08-23 | CVE-2001-1091 | Local Security vulnerability in NetBSD
The (1) dump and (2) dump_lfs commands in NetBSD 1.4.x through 1.5.1 do not properly drop privileges, which could allow local users to gain privileges via the RCMD_CMD environment variable. | 7.2 |
| 2001-08-14 | CVE-2001-0554 | Classic Buffer Overflow vulnerability in multiple products
Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function. | 10.0 |
| 2001-07-24 | CVE-2001-0993 | Denial of Service vulnerability in NetBSD sendmsg
sendmsg function in NetBSD 1.3 through 1.5 allows local users to cause a denial of service (kernel trap or panic) via a msghdr structure with a large msg_controllen length. | 2.1 |
| 2001-06-18 | CVE-2001-0247 | Buffer Overflow vulnerability in Multiple Vendor BSD ftpd glob()
Buffer overflows in BSD-based FTP servers allows remote attackers to execute arbitrary commands via a long pattern string containing a {} sequence, as seen in (1) g_opendir, (2) g_lstat, (3) g_stat, and (4) the glob0 buffer as used in the glob functions glob2 and glob3. | 10.0 |
| 2001-05-03 | CVE-2001-0268 | The i386_set_ldt system call in NetBSD 1.5 and earlier, and OpenBSD 2.8 and earlier, when the USER_LDT kernel option is enabled, does not validate a call gate target, which allows local users to gain root privileges by creating a segment call gate in the Local Descriptor Table (LDT) with a target that specifies an arbitrary kernel address. | 7.2 |
| 2001-02-12 | CVE-2001-0053 | One-byte buffer overflow in replydirname function in BSD-based ftpd allows remote attackers to gain root privileges. | 10.0 |
| 2000-12-19 | CVE-2000-0997 | Format string vulnerabilities in eeprom program in OpenBSD, NetBSD, and possibly other operating systems allows local attackers to gain root privileges. | 7.2 |
| 2000-12-19 | CVE-2000-0993 | Format string vulnerability in pw_error function in BSD libutil library allows local users to gain root privileges via a malformed password in commands such as chpass or passwd. | 7.2 |
| 2000-10-20 | CVE-2000-0751 | mopd (Maintenance Operations Protocol loader daemon) does not properly cleanse user-injected format strings, which allows remote attackers to execute arbitrary commands. | 7.5 |