Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
netbsd vulnerabilities and exploits
(subscribe to this query)
2.1
CVSSv2
CVE-2006-1587
NetBSD 1.6 up to 3.0, when a user has "set record" in .mailrc with the default umask set, creates the record file with 0644 permissions, which allows local users to read the record file.
Netbsd Netbsd 1.6.2
Netbsd Netbsd 1.6
Netbsd Netbsd 2.0.2
Netbsd Netbsd 2.0.3
Netbsd Netbsd 1.6.1
Netbsd Netbsd 2.1
Netbsd Netbsd 3.0
Netbsd Netbsd 2.0
Netbsd Netbsd 2.0.1
4.9
CVSSv2
CVE-2006-1589
The elf_load_file function in NetBSD 2.0 up to and including 3.0 allows local users to cause a denial of service (kernel crash) via an ELF interpreter that does not have a PT_LOAD section in its header, which triggers a null dereference.
Netbsd Netbsd 3.0
Netbsd Netbsd 2.0.1
Netbsd Netbsd 2.0.2
Netbsd Netbsd 2.0.3
Netbsd Netbsd 2.1
Netbsd Netbsd 2.0
2.1
CVSSv2
CVE-2006-1588
The bridge ioctl (if_bridge code) in NetBSD 1.6 up to and including 3.0 does not clear sensitive memory before copying ioctl results to the requesting process, which allows local users to obtain portions of kernel memory.
Netbsd Netbsd 1.6
Netbsd Netbsd 2.1
Netbsd Netbsd 3.0
Netbsd Netbsd 2.0
Netbsd Netbsd 2.0.1
Netbsd Netbsd 2.0.2
Netbsd Netbsd 2.0.3
Netbsd Netbsd 1.6.1
Netbsd Netbsd 1.6.2
7.5
CVSSv2
CVE-2006-0905
A "programming error" in fast_ipsec in FreeBSD 4.8-RELEASE up to and including 6.1-STABLE and NetBSD 2 through 3 does not properly update the sequence number associated with a Security Association, which allows packets to pass sequence number checks and allows remote ma...
Freebsd Freebsd 4.10
Freebsd Freebsd 4.8
Freebsd Freebsd 5.0
Freebsd Freebsd 5.1
Freebsd Freebsd 5.3
Freebsd Freebsd 6.0
Freebsd Freebsd 4.11
Freebsd Freebsd 4.9
Netbsd Netbsd 2.0
Netbsd Netbsd 3.0
Freebsd Freebsd 5.2
Freebsd Freebsd 5.4
Freebsd Freebsd 5.2.1
4.6
CVSSv2
CVE-2006-0145
The kernfs_xread function in kernfs in NetBSD 1.6 up to and including 2.1, and OpenBSD 3.8, does not properly validate file offsets against negative 32-bit values that occur as a result of truncation, which allows local users to read arbitrary kernel memory and gain privileges vi...
Netbsd Netbsd 2.0.2
Netbsd Netbsd 2.0.3
Netbsd Netbsd 1.6
Netbsd Netbsd 1.6.1
Netbsd Netbsd 2.1
Netbsd Netbsd 2.0
Netbsd Netbsd 2.0.1
Netbsd Netbsd 1.6.2
4.9
CVSSv2
CVE-2005-4733
NetBSD 2.0 prior to 20050316 and NetBSD-current prior to 20050112 allow local users to cause a denial of service (infinite loop and system hang) by calling the F_CLOSEM fcntl with a parameter value of 0.
Netbsd Netbsd 2.0
7.2
CVSSv2
CVE-2005-4776
Integer overflow in the FreeBSD compatibility code (freebsd_misc.c) in NetBSD-current, NetBSD-3, NetBSD-2.0, and NetBSD-2 prior to 20050913; and NetBSD-1.6 prior to 20050914; allows local users to cause a denial of service (heap corruption or system crash) and possibly gain root ...
Netbsd Netbsd 1.6
Netbsd Netbsd 1.6.1
Netbsd Netbsd 2.0.1
Netbsd Netbsd 2.0.2
Netbsd Netbsd 1.6.2
Netbsd Netbsd 2.0
3.6
CVSSv2
CVE-2005-4779
verifiedexecioctl in verified_exec.c in NetBSD 2.0.2 calls NDINIT with UIO_USERSPACE rather than UID_SYSSPACE, which removes the functionality of the verified exec kernel subsystem and might allow local users to execute Trojan horse programs.
Netbsd Netbsd 2.0
Netbsd Netbsd 2.0.1
Netbsd Netbsd 2.0.2
4.9
CVSSv2
CVE-2005-4782
NetBSD 2.0 prior to 2.0.4, 2.1 prior to 2.1.1, and 3, when the kernel is compiled with "options DIAGNOSTIC," allows local users to cause a denial of service (kernel assertion panic) via a negative linger time in the SO_LINGER socket option.
Netbsd Netbsd 2.0.3
Netbsd Netbsd 2.0
Netbsd Netbsd 2.0.1
Netbsd Netbsd 2.0.2
Netbsd Netbsd 2.1
2.1
CVSSv2
CVE-2005-4783
kernfs_xread in kernfs_vnops.c in NetBSD prior to 20050831 does not check for a negative offset when reading the message buffer, which allows local users to read arbitrary kernel memory.
Netbsd Netbsd 1.6
Netbsd Netbsd 2.0
Netbsd Netbsd 2.0.3
Netbsd Netbsd 2.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5248
CVE-2024-3110
CVE-2024-5552
CVE-2024-29415
HTML injection
CVE-2024-3095
TCP
type confusion
CVE-2024-1800
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
6
7
8
9
10
NEXT »