Vulnerabilities > Netbsd
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2007-04-25 | CVE-2007-2242 | Denial of Service vulnerability in IPv6 Protocol Type 0 Route Header The IPv6 protocol allows remote attackers to cause a denial of service via crafted IPv6 type 0 route headers (IPV6_RTHDR_TYPE_0) that create network amplification between two routers. | 7.8 |
| 2007-03-30 | CVE-2007-1677 | Buffer Overflow vulnerability in NetBSD ISO(4) Multiple buffer overflows in the ISO network protocol support in the NetBSD kernel 2.0 through 4.0_BETA2, and NetBSD-current before 20070329, allow local users to execute arbitrary code via long parameters to certain functions, as demonstrated by a long sockaddr structure argument to the clnp_route function. | 6.6 |
| 2007-03-20 | CVE-2007-1523 | Local Buffer Overflow vulnerability in Netbsd 3.0 Heap-based buffer overflow in the kernel in NetBSD 3.0, certain versions of FreeBSD and OpenBSD, and possibly other BSD derived operating systems allows local users to have an unknown impact. | 7.5 |
| 2007-03-10 | CVE-2007-1273 | Integer Overflow vulnerability in Navision Financials Server 3.0 Integer overflow in the ktruser function in NetBSD-current before 20061022, NetBSD 3 and 3-0 before 20061024, and NetBSD 2 before 20070209, when the kernel is built with the COMPAT_FREEBSD or COMPAT_DARWIN option, allows local users to cause a denial of service and possibly gain privileges. | 6.9 |
| 2006-12-26 | CVE-2006-6730 | Local Security vulnerability in NetBSD OpenBSD and NetBSD permit usermode code to kill the display server and write to the X.Org /dev/xf86 device, which allows local users with root privileges to reduce securelevel by replacing the System Management Mode (SMM) handler via a write to an SMRAM address within /dev/xf86 (aka the video card memory-mapped I/O range), and then launching the new handler via a System Management Interrupt (SMI), as demonstrated by a write to Programmed I/O port 0xB2. | 6.6 |
| 2006-12-20 | CVE-2006-6657 | Local Security vulnerability in NetBSD The if_clone_list function in NetBSD-current before 20061027, NetBSD 3.0 and 3.0.1 before 20061027, and NetBSD 2.x before 20061119 allows local users to read potentially sensitive, uninitialized stack memory via unspecified vectors. | 2.1 |
| 2006-12-20 | CVE-2006-6656 | Information Disclosure vulnerability in NetBSD Unspecified vulnerability in ptrace in NetBSD-current before 20061027, NetBSD 3.0 and 3.0.1 before 20061027, and NetBSD 2.x before 20061119 allows local users to read kernel memory and obtain sensitive information via certain manipulations of a PT_LWPINFO request, which leads to a memory leak and information leak. | 2.1 |
| 2006-12-20 | CVE-2006-6655 | Denial-Of-Service vulnerability in NetBSD The procfs implementation in NetBSD-current before 20061023, NetBSD 3.0 and 3.0.1 before 20061024, and NetBSD 2.x before 20061029 allows local users to cause a denial of service (kernel panic) by attempting to access /emul/linux/proc/0/stat on a procfs filesystem that was mounted with mount_procfs -o linux, which results in a NULL pointer dereference. | 1.7 |
| 2006-12-20 | CVE-2006-6654 | Denial-Of-Service vulnerability in NetBSD The sendmsg function in NetBSD-current before 20061023, NetBSD 3.0 and 3.0.1 before 20061024, and NetBSD 2.x before 20061029, when run on a 64-bit architecture, allows attackers to cause a denial of service (kernel panic) via an invalid msg_controllen parameter to the sendit function. network netbsd | 4.3 |
| 2006-12-20 | CVE-2006-6653 | Improper Input Validation vulnerability in Netbsd The accept function in NetBSD-current before 20061023, NetBSD 3.0 and 3.0.1 before 20061024, and NetBSD 2.x before 20061029 allows local users to cause a denial of service (socket consumption) via an invalid (1) name or (2) namelen parameter, which may result in the socket never being closed (aka "a dangling socket"). | 1.7 |