Vulnerabilities > Netbsd > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2001-09-20 | CVE-2001-0710 | NetBSD 1.5 and earlier and FreeBSD 4.3 and earlier allows a remote attacker to cause a denial of service by sending a large number of IP fragments to the machine, exhausting the mbuf pool. | 5.0 |
| 2001-08-17 | CVE-2001-1145 | Directory Traversal Race Condition vulnerability in Multiple BSD FTS fts routines in FreeBSD 4.3 and earlier, NetBSD before 1.5.2, and OpenBSD 2.9 and earlier can be forced to change (chdir) into a different directory than intended when the directory above the current directory is moved, which could cause scripts to perform dangerous actions on the wrong directories. | 6.2 |
| 2001-07-07 | CVE-2001-1244 | Denial of Service vulnerability in Multiple Vendor Small TCP MSS Multiple TCP implementations could allow remote attackers to cause a denial of service (bandwidth and CPU exhaustion) by setting the maximum segment size (MSS) to a very small number and requesting large amounts of data, which generates more packets with less TCP-level data that amplify network traffic and consume more server CPU to process. | 5.0 |
| 2001-03-12 | CVE-2000-0315 | traceroute in NetBSD 1.3.3 and Linux systems allows local unprivileged users to modify the source address of the packets, which could be used in spoofing attacks. | 5.0 |
| 2001-03-12 | CVE-2000-0314 | traceroute in NetBSD 1.3.3 and Linux systems allows local users to flood other systems by providing traceroute with a large waittime (-w) option, which is not parsed properly and sets the time delay for sending packets to zero. | 5.0 |
| 2000-05-01 | CVE-2000-0440 | NetBSD 1.4.2 and earlier allows remote attackers to cause a denial of service by sending a packet with an unaligned IP timestamp option. | 5.0 |
| 2000-01-19 | CVE-2000-0092 | The BSD make program allows local users to modify files via a symlink attack when the -j option is being used. | 6.2 |
| 1999-07-15 | CVE-1999-1518 | Denial of Service vulnerability in Multiple Vendor Shared Memory Operating systems with shared memory implementations based on BSD 4.4 code allow a user to conduct a denial of service and bypass memory limits (e.g., as specified with rlimits) using mmap or shmget to allocate memory and cause page faults. | 5.0 |
| 1999-05-01 | CVE-1999-0764 | Unspecified vulnerability in Netbsd 1.3 NetBSD allows ARP packets to overwrite static ARP entries. | 6.4 |
| 1999-05-01 | CVE-1999-0763 | Unspecified vulnerability in Netbsd 1.3 NetBSD on a multi-homed host allows ARP packets on one network to modify ARP entries on another connected network. | 6.4 |