Vulnerabilities > Netbsd > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2006-04-18 | CVE-2006-1797 | Local Denial of Service vulnerability in NetBSD SIOCGIFALIAS IOCTL The kernel in NetBSD-current before September 28, 2005 allows local users to cause a denial of service (system crash) by using the SIOCGIFALIAS ioctl to gather information on a non-existent alias of a network interface, which causes a NULL pointer dereference. | 4.9 |
| 2006-04-03 | CVE-2006-1589 | Denial-Of-Service vulnerability in NetBSD The elf_load_file function in NetBSD 2.0 through 3.0 allows local users to cause a denial of service (kernel crash) via an ELF interpreter that does not have a PT_LOAD section in its header, which triggers a null dereference. | 4.9 |
| 2006-01-09 | CVE-2006-0145 | Local Kernel Memory Disclosure vulnerability in Multiple Vendor KernFS LSEEK The kernfs_xread function in kernfs in NetBSD 1.6 through 2.1, and OpenBSD 3.8, does not properly validate file offsets against negative 32-bit values that occur as a result of truncation, which allows local users to read arbitrary kernel memory and gain privileges via the lseek system call. | 4.6 |
| 2005-12-31 | CVE-2005-4782 | Local Denial of Service vulnerability in NetBSD SO_LINGER DIAGNOSTIC Checking NetBSD 2.0 before 2.0.4, 2.1 before 2.1.1, and 3, when the kernel is compiled with "options DIAGNOSTIC," allows local users to cause a denial of service (kernel assertion panic) via a negative linger time in the SO_LINGER socket option. | 4.9 |
| 2005-12-31 | CVE-2005-4733 | Denial-Of-Service vulnerability in Netbsd 2.0 NetBSD 2.0 before 20050316 and NetBSD-current before 20050112 allow local users to cause a denial of service (infinite loop and system hang) by calling the F_CLOSEM fcntl with a parameter value of 0. | 4.9 |
| 2004-11-23 | CVE-2004-0257 | Remote Denial Of Service vulnerability in BSD ICMPV6 Handling Routines OpenBSD 3.4 and NetBSD 1.6 and 1.6.1 allow remote attackers to cause a denial of service (crash) by sending an IPv6 packet with a small MTU to a listening port and then issuing a TCP connect to that port. | 5.0 |
| 2004-08-18 | CVE-2004-0230 | TCP, when using a large Window Size, makes it easier for remote attackers to guess sequence numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet, especially in protocols that use long-lived connections, such as BGP. | 5.0 |
| 2004-03-03 | CVE-2004-0114 | Privilege Escalation vulnerability in BSD Kernel SHMAT System Call The shmat system call in the System V Shared Memory interface for FreeBSD 5.2 and earlier, NetBSD 1.3 and earlier, and OpenBSD 2.6 and earlier, does not properly decrement a shared memory segment's reference count when the vm_map_find function fails, which could allow local users to gain read or write access to a portion of kernel memory and gain privileges. | 4.6 |
| 2003-12-15 | CVE-2003-0914 | ISC BIND 8.3.x before 8.3.7, and 8.4.x before 8.4.3, allows remote attackers to poison the cache via a malicious name server that returns negative responses with a large TTL (time-to-live) value. | 4.3 |
| 2003-08-27 | CVE-2003-0653 | Denial-Of-Service vulnerability in NetBSD The OSI networking kernel (sys/netiso) in NetBSD 1.6.1 and earlier does not use a BSD-required "PKTHDR" mbuf when sending certain error responses to the sender of an OSI packet, which allows remote attackers to cause a denial of service (kernel panic or crash) via certain OSI packets. | 5.0 |