Search Results (Refine Search)
- CPE Product Version: cpe:/o:netbsd:netbsd:1.3.1
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2001-0993 |
sendmsg function in NetBSD 1.3 through 1.5 allows local users to cause a denial of service (kernel trap or panic) via a msghdr structure with a large msg_controllen length. Published: July 24, 2001; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 2.1 LOW |
CVE-2001-0247 |
Buffer overflows in BSD-based FTP servers allows remote attackers to execute arbitrary commands via a long pattern string containing a {} sequence, as seen in (1) g_opendir, (2) g_lstat, (3) g_stat, and (4) the glob0 buffer as used in the glob functions glob2 and glob3. Published: June 18, 2001; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 10.0 HIGH |
CVE-2001-0268 |
The i386_set_ldt system call in NetBSD 1.5 and earlier, and OpenBSD 2.8 and earlier, when the USER_LDT kernel option is enabled, does not validate a call gate target, which allows local users to gain root privileges by creating a segment call gate in the Local Descriptor Table (LDT) with a target that specifies an arbitrary kernel address. Published: May 03, 2001; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 7.2 HIGH |
CVE-2000-0314 |
traceroute in NetBSD 1.3.3 and Linux systems allows local users to flood other systems by providing traceroute with a large waittime (-w) option, which is not parsed properly and sets the time delay for sending packets to zero. Published: March 12, 2001; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2000-0315 |
traceroute in NetBSD 1.3.3 and Linux systems allows local unprivileged users to modify the source address of the packets, which could be used in spoofing attacks. Published: March 12, 2001; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-1999-0674 |
The BSD profil system call allows a local user to modify the internal data space of a program via profiling and execve. Published: August 09, 1999; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 7.2 HIGH |
CVE-1999-1518 |
Operating systems with shared memory implementations based on BSD 4.4 code allow a user to conduct a denial of service and bypass memory limits (e.g., as specified with rlimits) using mmap or shmget to allocate memory and cause page faults. Published: July 15, 1999; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-1999-0466 |
The SVR4 /dev/wabi special device file in NetBSD 1.3.3 and earlier allows a local user to read or write arbitrary files on the disk associated with that device. Published: April 21, 1999; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 7.2 HIGH |
CVE-1999-0446 |
Local users can perform a denial of service in NetBSD 1.3.3 and earlier versions by creating an unusual symbolic link with the ln command, triggering a bug in VFS. Published: April 12, 1999; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 2.1 LOW |
CVE-1999-1409 |
The at program in IRIX 6.2 and NetBSD 1.3.2 and earlier allows local users to read portions of arbitrary files by submitting the file to at with the -f argument, which generates error messages that at sends to the user via e-mail. Published: July 03, 1998; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 2.1 LOW |
CVE-1999-0303 |
Buffer overflow in BNU UUCP daemon (uucpd) through long hostnames. Published: May 21, 1998; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 4.6 MEDIUM |
CVE-1999-0009 |
Inverse query buffer overflow in BIND 4.9 and BIND 8 Releases. Published: April 08, 1998; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 10.0 HIGH |
CVE-1999-0010 |
Denial of Service vulnerability in BIND 8 Releases via maliciously formatted DNS messages. Published: April 08, 1998; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-1999-0011 |
Denial of Service vulnerabilities in BIND 4.9 and BIND 8 Releases via CNAME record and zone transfer. Published: April 08, 1998; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 10.0 HIGH |