Vulnerabilities > Netbsd > Netbsd > 1.4.3
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2010-09-29 | CVE-2010-2530 | Numeric Errors vulnerability in multiple products Multiple integer signedness errors in smb_subr.c in the netsmb module in the kernel in NetBSD 5.0.2 and earlier, FreeBSD, and Apple Mac OS X allow local users to cause a denial of service (panic) via a negative size value in a /dev/nsmb ioctl operation, as demonstrated by a (1) SMBIOC_LOOKUP or (2) SMBIOC_OPENSESSION ioctl call. | 4.9 |
2009-09-18 | CVE-2009-2793 | Permissions, Privileges, and Access Controls vulnerability in Netbsd The kernel in NetBSD, probably 5.0.1 and earlier, on x86 platforms does not properly handle a pre-commit failure of the iret instruction, which might allow local users to gain privileges via vectors related to a tempEIP pseudocode variable that is outside of the code-segment limits. | 4.6 |
2006-10-10 | CVE-2006-5215 | Local Security vulnerability in NetBSD The Xsession script, as used by X Display Manager (xdm) in NetBSD before 20060212, X.Org before 20060317, and Solaris 8 through 10 before 20061006, allows local users to overwrite arbitrary files, or read another user's Xsession errors file, via a symlink attack on a /tmp/xses-$USER file. | 2.6 |
2003-10-06 | CVE-2003-0694 | The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c. | 10.0 |
2003-10-06 | CVE-2003-0681 | Buffer Overflow vulnerability in Sendmail Ruleset Parsing A "potential buffer overflow in ruleset parsing" for Sendmail 8.12.9, when using the nonstandard rulesets (1) recipient (2), final, or (3) mailer-specific envelope recipients, has unknown consequences. | 7.5 |
2003-04-02 | CVE-2002-1500 | Buffer Overflow vulnerability in NetBSD IPv4 Multicast Tools Buffer overflow in (1) mrinfo, (2) mtrace, and (3) pppd in NetBSD 1.4.x through 1.6 allows local users to gain privileges by executing the programs after filling the file descriptor tables, which produces file descriptors larger than FD_SETSIZE, which are not checked by FD_SET(). | 7.2 |
2003-04-02 | CVE-2002-1490 | Buffer Overflow vulnerability in NetBSD Repeated TIOSCTTY IOCTL NetBSD 1.4 through 1.6 beta allows local users to cause a denial of service (kernel panic) via a series of calls to the TIOCSCTTY ioctl, which causes an integer overflow in a structure counter and sets the counter to zero, which frees memory that is still in use by other processes. | 2.1 |
2002-12-31 | CVE-2002-2092 | Race condition in exec in OpenBSD 4.0 and earlier, NetBSD 1.5.2 and earlier, and FreeBSD 4.4 and earlier allows local users to gain privileges by attaching a debugger to a process before the kernel has determined that the process is setuid or setgid. | 3.7 |
2002-12-31 | CVE-2002-1915 | Improper Locking vulnerability in multiple products tip on multiple BSD-based operating systems allows local users to cause a denial of service (execution prevention) by using flock() to lock the /var/log/acculog file. | 5.5 |
2001-10-03 | CVE-2001-0670 | Buffer Overflow vulnerability in Multiple BSD Vendor lpd Buffer overflow in BSD line printer daemon (in.lpd or lpd) in various BSD-based operating systems allows remote attackers to execute arbitrary code via an incomplete print job followed by a request to display the printer queue. | 7.5 |