National Vulnerability Database

Search Results

Search Parameters:
  • CPE Product Version: cpe:/o:netbsd:netbsd:1.5.1
There are 47 matching records.
Displaying matches 21 through 40.
Vuln ID Summary CVSS Severity
CVE-2004-1323

Multiple syscalls in the compat subsystem for NetBSD before 2.0 allow local users to cause a denial of service (kernel crash) via a large signal number to (1) xxx_sys_kill, (2) xxx_sys_sigaction, and possibly other translation functions.

Published: December 16, 2004; 12:00:00 AM -05:00
    V2: 2.1 LOW
CVE-2004-0230

TCP, when using a large Window Size, makes it easier for remote attackers to guess sequence numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet, especially in protocols that use long-lived connections, such as BGP.

Published: August 18, 2004; 12:00:00 AM -04:00
    V2: 5.0 MEDIUM
CVE-2003-1289

The iBCS2 system call translator for statfs in NetBSD 1.5 through 1.5.3 and FreeBSD 4 up to 4.8-RELEASE-p2 and 5 up to 5.1-RELEASE-p1 allows local users to read portions of kernel memory (memory disclosure) via a large length parameter, which copies additional kernel memory into userland memory.

Published: December 31, 2003; 12:00:00 AM -05:00
    V2: 2.1 LOW
CVE-2003-0730

Multiple integer overflows in the font libraries for XFree86 4.3.0 allow local or remote attackers to cause a denial of service or execute arbitrary code via heap-based and stack-based buffer overflow attacks.

Published: October 20, 2003; 12:00:00 AM -04:00
    V2: 7.5 HIGH
CVE-2003-0681

A "potential buffer overflow in ruleset parsing" for Sendmail 8.12.9, when using the nonstandard rulesets (1) recipient, (2) final, or (3) mailer-specific envelope recipients, has unknown consequences.

Published: October 06, 2003; 12:00:00 AM -04:00
    V2: 7.5 HIGH
CVE-2003-0694

The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c.

Published: October 06, 2003; 12:00:00 AM -04:00
    V2: 10.0 HIGH
CVE-2003-0466

Off-by-one error in the fb_realpath() function, as derived from the realpath function in BSD, may allow attackers to execute arbitrary code, as demonstrated in wu-ftpd 2.5.0 through 2.6.2 via commands that cause pathnames of length MAXPATHLEN+1 to trigger a buffer overflow, including (1) STOR, (2) RETR, (3) APPE, (4) DELE, (5) MKD, (6) RMD, (7) STOU, or (8) RNTO.

Published: August 27, 2003; 12:00:00 AM -04:00
    V2: 10.0 HIGH
CVE-2003-0653

The OSI networking kernel (sys/netiso) in NetBSD 1.6.1 and earlier does not use a BSD-required "PKTHDR" mbuf when sending certain error responses to the sender of an OSI packet, which allows remote attackers to cause a denial of service (kernel panic or crash) via certain OSI packets.

Published: August 27, 2003; 12:00:00 AM -04:00
    V2: 5.0 MEDIUM
CVE-2002-1476

Buffer overflow in setlocale in libc on NetBSD 1.4.x through 1.6, and possibly other operating systems, when called with the LC_ALL category, allows local attackers to execute arbitrary code via a user-controlled locale string that has more than 6 elements, which exceeds the boundaries of the new_categories category array, as exploitable through programs such as xterm and zsh.

Published: April 22, 2003; 12:00:00 AM -04:00
    V2: 4.6 MEDIUM
CVE-2002-1490

NetBSD 1.4 through 1.6 beta allows local users to cause a denial of service (kernel panic) via a series of calls to the TIOCSCTTY ioctl, which causes an integer overflow in a structure counter and sets the counter to zero, which frees memory that is still in use by other processes.

Published: April 02, 2003; 12:00:00 AM -05:00
    V2: 2.1 LOW
CVE-2002-1500

Buffer overflow in (1) mrinfo, (2) mtrace, and (3) pppd in NetBSD 1.4.x through 1.6 allows local users to gain privileges by executing the programs after filling the file descriptor tables, which produces file descriptors larger than FD_SETSIZE, which are not checked by FD_SET().

Published: April 02, 2003; 12:00:00 AM -05:00
    V2: 7.2 HIGH
CVE-2002-1543

Buffer overflow in trek on NetBSD 1.5 through 1.5.3 allows local users to gain privileges via long keyboard input.

Published: March 31, 2003; 12:00:00 AM -05:00
    V2: 4.6 MEDIUM
CVE-2003-0102

Buffer overflow in tryelf() in readelf.c of the file command allows attackers to execute arbitrary code as the user running file, possibly via a large entity size value in an ELF header (elfhdr.e_shentsize).

Published: March 18, 2003; 12:00:00 AM -05:00
    V2: 4.6 MEDIUM
CVE-2002-1337

Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote attackers to execute arbitrary code via certain formatted address fields, related to sender and recipient header comments as processed by the crackaddr function of headers.c.

Published: March 07, 2003; 12:00:00 AM -05:00
    V2: 10.0 HIGH
CVE-2003-0001

Multiple ethernet Network Interface Card (NIC) device drivers do not pad frames with null bytes, which allows remote attackers to obtain information from previous packets or kernel memory by using malformed packets, as demonstrated by Etherleak.

Published: January 17, 2003; 12:00:00 AM -05:00
    V2: 5.0 MEDIUM
CVE-2002-1915

tip on multiple BSD-based operating systems allows local users to cause a denial of service (execution prevention) by using flock() to lock the /var/log/acculog file.

Published: December 31, 2002; 12:00:00 AM -05:00
    V2: 2.1 LOW
CVE-2002-2092

Race condition in exec in OpenBSD 4.0 and earlier, NetBSD 1.5.2 and earlier, and FreeBSD 4.4 and earlier allows local users to gain privileges by attaching a debugger to a process before the kernel has determined that the process is setuid or setgid.

Published: December 31, 2002; 12:00:00 AM -05:00
    V2: 3.7 LOW
CVE-2002-0666

IPSEC implementations including (1) FreeS/WAN and (2) KAME do not properly calculate the length of authentication data, which allows remote attackers to cause a denial of service (kernel panic) via spoofed, short Encapsulating Security Payload (ESP) packets, which result in integer signedness errors.

Published: November 04, 2002; 12:00:00 AM -05:00
    V2: 5.0 MEDIUM
CVE-2002-1192

Multiple buffer overflows in rogue on NetBSD 1.6 and earlier, FreeBSD 4.6, and possibly other operating systems, allow local users to gain "games" group privileges via malformed entries in a game save file.

Published: October 28, 2002; 12:00:00 AM -05:00
    V2: 4.6 MEDIUM
CVE-2002-1194

Buffer overflow in talkd on NetBSD 1.6 and earlier, and possibly other operating systems, may allow remote attackers to execute arbitrary code via a long inbound message.

Published: October 28, 2002; 12:00:00 AM -05:00
    V2: 7.5 HIGH