Filtered by vendor Netbsd Subscriptions
Filtered by product Netbsd Subscriptions
Total 176 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2001-1244 7 Freebsd, Hp, Linux and 4 more 9 Freebsd, Hp-ux, Vvos and 6 more 2024-11-21 N/A
Multiple TCP implementations could allow remote attackers to cause a denial of service (bandwidth and CPU exhaustion) by setting the maximum segment size (MSS) to a very small number and requesting large amounts of data, which generates more packets with less TCP-level data that amplify network traffic and consume more server CPU to process.
CVE-2001-1145 3 Freebsd, Netbsd, Openbsd 3 Freebsd, Netbsd, Openbsd 2024-11-21 N/A
fts routines in FreeBSD 4.3 and earlier, NetBSD before 1.5.2, and OpenBSD 2.9 and earlier can be forced to change (chdir) into a different directory than intended when the directory above the current directory is moved, which could cause scripts to perform dangerous actions on the wrong directories.
CVE-2001-1091 1 Netbsd 1 Netbsd 2024-11-21 N/A
The (1) dump and (2) dump_lfs commands in NetBSD 1.4.x through 1.5.1 do not properly drop privileges, which could allow local users to gain privileges via the RCMD_CMD environment variable.
CVE-2001-0993 1 Netbsd 1 Netbsd 2024-11-21 N/A
sendmsg function in NetBSD 1.3 through 1.5 allows local users to cause a denial of service (kernel trap or panic) via a msghdr structure with a large msg_controllen length.
CVE-2001-0734 1 Netbsd 1 Netbsd 2024-11-21 N/A
Hitachi Super-H architecture in NetBSD 1.5 and 1.4.1 allows a local user to gain privileges via modified Status Register contents, which are not properly handled by (1) the sigreturn system call or (2) the process_write_regs kernel routine.
CVE-2001-0710 2 Freebsd, Netbsd 2 Freebsd, Netbsd 2024-11-21 N/A
NetBSD 1.5 and earlier and FreeBSD 4.3 and earlier allows a remote attacker to cause a denial of service by sending a large number of IP fragments to the machine, exhausting the mbuf pool.
CVE-2001-0670 5 Bsd, Freebsd, Netbsd and 2 more 5 Bsd, Freebsd, Netbsd and 2 more 2024-11-21 N/A
Buffer overflow in BSD line printer daemon (in.lpd or lpd) in various BSD-based operating systems allows remote attackers to execute arbitrary code via an incomplete print job followed by a request to display the printer queue.
CVE-2001-0554 10 Debian, Freebsd, Ibm and 7 more 12 Debian Linux, Freebsd, Aix and 9 more 2024-11-21 N/A
Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function.
CVE-2001-0268 2 Netbsd, Openbsd 2 Netbsd, Openbsd 2024-11-21 N/A
The i386_set_ldt system call in NetBSD 1.5 and earlier, and OpenBSD 2.8 and earlier, when the USER_LDT kernel option is enabled, does not validate a call gate target, which allows local users to gain root privileges by creating a segment call gate in the Local Descriptor Table (LDT) with a target that specifies an arbitrary kernel address.
CVE-2001-0247 5 Freebsd, Mit, Netbsd and 2 more 5 Freebsd, Kerberos 5, Netbsd and 2 more 2024-11-21 N/A
Buffer overflows in BSD-based FTP servers allows remote attackers to execute arbitrary commands via a long pattern string containing a {} sequence, as seen in (1) g_opendir, (2) g_lstat, (3) g_stat, and (4) the glob0 buffer as used in the glob functions glob2 and glob3.
CVE-2001-0053 3 David Madore, Netbsd, Openbsd 3 Ftpd-bsd, Netbsd, Openbsd 2024-11-21 N/A
One-byte buffer overflow in replydirname function in BSD-based ftpd allows remote attackers to gain root privileges.
CVE-2001-0033 2 Kth, Netbsd 2 Kth Kerberos, Netbsd 2024-11-21 N/A
KTH Kerberos IV allows local users to change the configuration of a Kerberos server running at an elevated privilege by specifying an alternate directory using with the KRBCONFDIR environmental variable, which allows the user to gain additional privileges.
CVE-2000-1208 4 Immunix, Netbsd, Openbsd and 1 more 4 Immunix, Netbsd, Openbsd and 1 more 2024-11-21 N/A
Format string vulnerability in startprinting() function of printjob.c in BSD-based lpr lpd package may allow local users to gain privileges via an improper syslog call that uses format strings from the checkremote() call.
CVE-2000-0997 2 Netbsd, Openbsd 2 Netbsd, Openbsd 2024-11-21 N/A
Format string vulnerabilities in eeprom program in OpenBSD, NetBSD, and possibly other operating systems allows local attackers to gain root privileges.
CVE-2000-0993 3 Freebsd, Netbsd, Openbsd 3 Freebsd, Netbsd, Openbsd 2024-11-21 N/A
Format string vulnerability in pw_error function in BSD libutil library allows local users to gain root privileges via a malformed password in commands such as chpass or passwd.
CVE-2000-0751 3 Netbsd, Openbsd, Redhat 3 Netbsd, Openbsd, Linux 2024-11-21 N/A
mopd (Maintenance Operations Protocol loader daemon) does not properly cleanse user-injected format strings, which allows remote attackers to execute arbitrary commands.
CVE-2000-0750 3 Netbsd, Openbsd, Redhat 3 Netbsd, Openbsd, Linux 2024-11-21 N/A
Buffer overflow in mopd (Maintenance Operations Protocol loader daemon) allows remote attackers to execute arbitrary commands via a long file name.
CVE-2000-0489 3 Freebsd, Netbsd, Openbsd 3 Freebsd, Netbsd, Openbsd 2024-11-21 N/A
FreeBSD, NetBSD, and OpenBSD allow an attacker to cause a denial of service by creating a large number of socket pairs using the socketpair function, setting a large buffer size via setsockopt, then writing large buffers.
CVE-2000-0462 1 Netbsd 1 Netbsd 2024-11-21 N/A
ftpd in NetBSD 1.4.2 does not properly parse entries in /etc/ftpchroot and does not chroot the specified users, which allows those users to access other files outside of their home directory.
CVE-2000-0461 2 Freebsd, Netbsd 2 Freebsd, Netbsd 2024-11-21 N/A
The undocumented semconfig system call in BSD freezes the state of semaphores, which allows local users to cause a denial of service of the semaphore system by using the semconfig call.