Buffer overflow in (1) mrinfo, (2) mtrace, and (3) pppd in NetBSD 1.4.x up to and including 1.6 allows local users to gain privileges by executing the programs after filling the file descriptor tables, which produces file descriptors larger than FD_SETSIZE, which are not checked by FD_SET().
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
netbsd netbsd 1.4.1 |
||
netbsd netbsd 1.5.3 |
||
netbsd netbsd 1.5 |
||
netbsd netbsd 1.4 |
||
netbsd netbsd 1.4.2 |
||
netbsd netbsd 1.5.1 |
||
netbsd netbsd 1.4.3 |
||
netbsd netbsd 1.5.2 |