Vulnerabilities > Netbsd > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2006-10-10 | CVE-2006-5215 | Local Security vulnerability in NetBSD The Xsession script, as used by X Display Manager (xdm) in NetBSD before 20060212, X.Org before 20060317, and Solaris 8 through 10 before 20061006, allows local users to overwrite arbitrary files, or read another user's Xsession errors file, via a symlink attack on a /tmp/xses-$USER file. | 2.6 |
| 2006-05-05 | CVE-2006-2205 | Local Denial of Service vulnerability in Netbsd 3.0 The audio_write function in NetBSD 3.0 allows local users to cause a denial of service (kernel crash) by using the audiosetinfo ioctl to change the sample rate of an audio device. | 2.1 |
| 2006-04-19 | CVE-2006-1833 | Unspecified vulnerability in Netbsd Intel RNG Driver in NetBSD 1.6 through 3.0 may incorrectly detect the presence of the pchb interface, which will cause it to always generate the same random number, which allows remote attackers to more easily crack encryption keys generated from the interface. | 2.6 |
| 2006-04-18 | CVE-2006-1814 | Local Denial of Service vulnerability in NetBSD Sysctl NetBSD 1.6, 2.0, 2.1 and 3.0 allows local users to cause a denial of service (memory exhaustion) by using the sysctl system call to lock a large buffer into physical memory. | 2.1 |
| 2006-04-03 | CVE-2006-1587 | Local Security vulnerability in NetBSD NetBSD 1.6 up to 3.0, when a user has "set record" in .mailrc with the default umask set, creates the record file with 0644 permissions, which allows local users to read the record file. | 2.1 |
| 2006-04-03 | CVE-2006-1588 | Unspecified vulnerability in Netbsd The bridge ioctl (if_bridge code) in NetBSD 1.6 through 3.0 does not clear sensitive memory before copying ioctl results to the requesting process, which allows local users to obtain portions of kernel memory. | 2.1 |
| 2005-12-31 | CVE-2005-4352 | The securelevels implementation in NetBSD 2.1 and earlier, and Linux 2.6.15 and earlier, allows local users to bypass time setting restrictions and set the clock backwards by setting the clock ahead to the maximum unixtime value (19 Jan 2038), which then wraps around to the minimum value (13 Dec 1901), which can then be set ahead to the desired time, aka "settimeofday() time wrap." | 2.1 |
| 2005-12-31 | CVE-2005-4691 | Unspecified vulnerability in Netbsd imake in NetBSD before 2.0.3, NetBSD-current before 12 September 2005, certain versions of X.Org, and certain versions of XFree86 allows local users to overwrite arbitrary files via a symlink attack on the temporary file for the file.0 target, which is used for a pre-formatted manual page. | 2.1 |
| 2005-12-31 | CVE-2005-4779 | Local Security vulnerability in Netbsd 2.0/2.0.1/2.0.2 verifiedexecioctl in verified_exec.c in NetBSD 2.0.2 calls NDINIT with UIO_USERSPACE rather than UID_SYSSPACE, which removes the functionality of the verified exec kernel subsystem and might allow local users to execute Trojan horse programs. | 3.6 |
| 2005-12-31 | CVE-2005-4783 | Local Security vulnerability in NetBSD kernfs_xread in kernfs_vnops.c in NetBSD before 20050831 does not check for a negative offset when reading the message buffer, which allows local users to read arbitrary kernel memory. | 2.1 |