Vulnerabilities > Netbsd > Netbsd > 2.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2006-04-03 | CVE-2006-1588 | Unspecified vulnerability in Netbsd The bridge ioctl (if_bridge code) in NetBSD 1.6 through 3.0 does not clear sensitive memory before copying ioctl results to the requesting process, which allows local users to obtain portions of kernel memory. | 2.1 |
| 2006-04-03 | CVE-2006-1587 | Local Security vulnerability in NetBSD NetBSD 1.6 up to 3.0, when a user has "set record" in .mailrc with the default umask set, creates the record file with 0644 permissions, which allows local users to read the record file. | 2.1 |
| 2006-03-23 | CVE-2006-0905 | A "programming error" in fast_ipsec in FreeBSD 4.8-RELEASE through 6.1-STABLE and NetBSD 2 through 3 does not properly update the sequence number associated with a Security Association, which allows packets to pass sequence number checks and allows remote attackers to capture IPSec packets and conduct replay attacks. | 7.5 |
| 2006-01-09 | CVE-2006-0145 | Local Kernel Memory Disclosure vulnerability in Multiple Vendor KernFS LSEEK The kernfs_xread function in kernfs in NetBSD 1.6 through 2.1, and OpenBSD 3.8, does not properly validate file offsets against negative 32-bit values that occur as a result of truncation, which allows local users to read arbitrary kernel memory and gain privileges via the lseek system call. | 4.6 |
| 2005-12-31 | CVE-2005-4783 | Local Security vulnerability in NetBSD kernfs_xread in kernfs_vnops.c in NetBSD before 20050831 does not check for a negative offset when reading the message buffer, which allows local users to read arbitrary kernel memory. | 2.1 |
| 2005-12-31 | CVE-2005-4782 | Local Denial of Service vulnerability in NetBSD SO_LINGER DIAGNOSTIC Checking NetBSD 2.0 before 2.0.4, 2.1 before 2.1.1, and 3, when the kernel is compiled with "options DIAGNOSTIC," allows local users to cause a denial of service (kernel assertion panic) via a negative linger time in the SO_LINGER socket option. | 4.9 |
| 2005-12-31 | CVE-2005-4779 | Local Security vulnerability in Netbsd 2.0/2.0.1/2.0.2 verifiedexecioctl in verified_exec.c in NetBSD 2.0.2 calls NDINIT with UIO_USERSPACE rather than UID_SYSSPACE, which removes the functionality of the verified exec kernel subsystem and might allow local users to execute Trojan horse programs. | 3.6 |
| 2005-12-31 | CVE-2005-4776 | Denial-Of-Service vulnerability in NetBSD Integer overflow in the FreeBSD compatibility code (freebsd_misc.c) in NetBSD-current, NetBSD-3, NetBSD-2.0, and NetBSD-2 before 20050913; and NetBSD-1.6 before 20050914; allows local users to cause a denial of service (heap corruption or system crash) and possibly gain root privileges. | 7.2 |
| 2005-12-31 | CVE-2005-4741 | Local PTrace Privilege Escalation vulnerability in NetBSD NetBSD 1.6, NetBSD 2.0 through 2.1, and NetBSD-current before 20051031 allows local users to gain privileges by attaching a debugger to a setuid/setgid (P_SUGID) process that performs an exec without a reset of real credentials. | 7.5 |
| 2005-12-31 | CVE-2005-4733 | Denial-Of-Service vulnerability in Netbsd 2.0 NetBSD 2.0 before 20050316 and NetBSD-current before 20050112 allow local users to cause a denial of service (infinite loop and system hang) by calling the F_CLOSEM fcntl with a parameter value of 0. | 4.9 |