About “NetBSD”

A curated feed of “NetBSD”-related CVEs appears below. We currently track 138 CVEs for this tag (all time). In the last 365 days, 3 were published. Average CVSS is 5.5 (all time; 5.9 over 365d), and 36% are rated High/Critical (all time). Top CWEs (last 365 days): CWE-190 - Integer Overflow or Wraparound, CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition'), CWE-125 - Out-of-bounds Read.

In our taxonomy this topic maps to a MODERATE impact class. Issues here typically affect operating system packages or kernels. Plan reboots or service restarts and coordinate rollouts across fleets. Each detail page highlights vendor advisories and mitigation tips.

CVEs tagged with this topic.

2001-03-12
Medium

CVE-2000-0315

traceroute in NetBSD 1.3.3 and Linux systems allows local unprivileged users to modify the source address of the packets, which could be used in spoofing attacks.

2001-02-12
High

CVE-2001-0094

Buffer overflow in kdc_reply_cipher of libkrb (Kerberos 4 authentication library) in NetBSD 1.5 and FreeBSD 4.2 and earlier, as used in Kerberised applications such as telnetd and login, allows local…

2000-12-19
Critical

CVE-2000-0952

global.cgi CGI program in Global 3.55 and earlier on NetBSD allows remote attackers to execute arbitrary commands via shell metacharacters.

High

CVE-2000-0997

Format string vulnerabilities in eeprom program in OpenBSD, NetBSD, and possibly other operating systems allow local attackers to gain root privileges.

2000-07-07
Medium

CVE-2000-0574

FTP servers such as OpenBSD ftpd, NetBSD ftpd, ProFTPd and Opieftpd do not properly cleanse untrusted format strings that are used in the setproctitle function (sometimes called by set_proc_title), w…

2000-05-28
Low

CVE-2000-0456

NetBSD 1.4.2 and earlier allows local users to cause a denial of service by repeatedly running certain system calls in the kernel which do not yield the CPU, aka "cpu-hog".

Low

CVE-2000-0462

ftpd in NetBSD 1.4.2 does not properly parse entries in /etc/ftpchroot and does not chroot the specified users, which allows those users to access other files outside of their home directory.

2000-05-01
Medium

CVE-2000-0440

NetBSD 1.4.2 and earlier allows remote attackers to cause a denial of service by sending a packet with an unaligned IP timestamp option.

2000-02-01
High

CVE-2000-0157

NetBSD ptrace call on VAX allows local users to gain privileges by modifying the PSL contents in the debugging process.

1999-09-05
Low

CVE-2000-0489

FreeBSD, NetBSD, and OpenBSD allow an attacker to cause a denial of service by creating a large number of socket pairs using the socketpair function, setting a large buffer size via setsockopt, then…

1999-05-01
Medium

CVE-1999-0763

NetBSD on a multi-homed host allows ARP packets on one network to modify ARP entries on another connected network.

Medium

CVE-1999-0764

NetBSD allows ARP packets to overwrite static ARP entries.

1999-04-21
High

CVE-1999-0466

The SVR4 /dev/wabi special device file in NetBSD 1.3.3 and earlier allows a local user to read or write arbitrary files on the disk associated with that device.

1999-04-12
Low

CVE-1999-0446

Local users can perform a denial of service in NetBSD 1.3.3 and earlier versions by creating an unusual symbolic link with the ln command, triggering a bug in VFS.

1999-03-17
Medium

CVE-1999-0422

In some cases, NetBSD 1.3.3 mount allows local users to execute programs in some file systems that have the "noexec" flag set.

1999-02-17
Low

CVE-1999-0396

A race condition between the select() and accept() calls in NetBSD TCP servers allows remote attackers to cause a denial of service.

1999-02-09
Low

CVE-1999-0367

NetBSD netstat command allows local users to access kernel memory.

1998-07-03
Low

CVE-1999-1409

The at program in IRIX 6.2 and NetBSD 1.3.2 and earlier allows local users to read portions of arbitrary files by submitting the file to at with the -f argument, which generates error messages that a…