Vulnerabilities > Netbsd > Netbsd > 2.0.3
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-04-18 | CVE-2006-1797 | Local Denial of Service vulnerability in NetBSD SIOCGIFALIAS IOCTL The kernel in NetBSD-current before September 28, 2005 allows local users to cause a denial of service (system crash) by using the SIOCGIFALIAS ioctl to gather information on a non-existent alias of a network interface, which causes a NULL pointer dereference. | 4.9 |
2006-04-03 | CVE-2006-1589 | Denial-Of-Service vulnerability in NetBSD The elf_load_file function in NetBSD 2.0 through 3.0 allows local users to cause a denial of service (kernel crash) via an ELF interpreter that does not have a PT_LOAD section in its header, which triggers a null dereference. | 4.9 |
2006-04-03 | CVE-2006-1588 | Unspecified vulnerability in Netbsd The bridge ioctl (if_bridge code) in NetBSD 1.6 through 3.0 does not clear sensitive memory before copying ioctl results to the requesting process, which allows local users to obtain portions of kernel memory. | 2.1 |
2006-04-03 | CVE-2006-1587 | Local Security vulnerability in NetBSD NetBSD 1.6 up to 3.0, when a user has "set record" in .mailrc with the default umask set, creates the record file with 0644 permissions, which allows local users to read the record file. | 2.1 |
2006-01-09 | CVE-2006-0145 | Local Kernel Memory Disclosure vulnerability in Multiple Vendor KernFS LSEEK The kernfs_xread function in kernfs in NetBSD 1.6 through 2.1, and OpenBSD 3.8, does not properly validate file offsets against negative 32-bit values that occur as a result of truncation, which allows local users to read arbitrary kernel memory and gain privileges via the lseek system call. | 4.6 |
2005-12-31 | CVE-2005-4783 | Local Security vulnerability in NetBSD kernfs_xread in kernfs_vnops.c in NetBSD before 20050831 does not check for a negative offset when reading the message buffer, which allows local users to read arbitrary kernel memory. | 2.1 |
2005-12-31 | CVE-2005-4782 | Local Denial of Service vulnerability in NetBSD SO_LINGER DIAGNOSTIC Checking NetBSD 2.0 before 2.0.4, 2.1 before 2.1.1, and 3, when the kernel is compiled with "options DIAGNOSTIC," allows local users to cause a denial of service (kernel assertion panic) via a negative linger time in the SO_LINGER socket option. | 4.9 |
2005-12-31 | CVE-2005-4741 | Local PTrace Privilege Escalation vulnerability in NetBSD NetBSD 1.6, NetBSD 2.0 through 2.1, and NetBSD-current before 20051031 allows local users to gain privileges by attaching a debugger to a setuid/setgid (P_SUGID) process that performs an exec without a reset of real credentials. | 7.5 |
2005-12-31 | CVE-2005-4352 | The securelevels implementation in NetBSD 2.1 and earlier, and Linux 2.6.15 and earlier, allows local users to bypass time setting restrictions and set the clock backwards by setting the clock ahead to the maximum unixtime value (19 Jan 2038), which then wraps around to the minimum value (13 Dec 1901), which can then be set ahead to the desired time, aka "settimeofday() time wrap." | 2.1 |