threat
engine
.sh
Back
·
··:··
Home
/
Product
/
netbsd
Product
netbsd
172 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
Sort
Newest first
Oldest first
Highest CVSS
Lowest CVSS
Min CVSS
Any
4.0+
7.0+ (High)
9.0+ (Critical)
Published since
Reset
CVE-2024-6387
<= 10.0.0
A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to
8.1
HIGH
CVE-2023-45198
< 2023-09-30
ftpd before "NetBSD-ftpd 20230930" can leak information about the host filesystem before authentication via an MLSD or MLST comman
7.5
HIGH
CVE-2021-45489
<= 9.2
In NetBSD through 9.2, the IPv6 Flow Label generation algorithm employs a weak cryptographic PRNG.
7.5
HIGH
CVE-2021-45488
<= 9.2
In NetBSD through 9.2, there is an information leak in the TCP ISN (ISS) generation algorithm.
7.5
HIGH
CVE-2021-45487
<= 9.2
In NetBSD through 9.2, the IPv4 ID generation algorithm does not use appropriate cryptographic measures.
7.5
HIGH
CVE-2021-45484
<= 9.2
In NetBSD through 9.2, the IPv6 fragment ID generation algorithm employs a weak cryptographic PRNG.
7.5
HIGH
CVE-2020-26139
all versions
An issue was discovered in the kernel in NetBSD 7.1. An Access Point (AP) forwards EAPOL frames to other clients even though the s
5.3
MEDIUM
CVE-2012-5365
< 6.0.2
The IPv6 implementation in FreeBSD and NetBSD (unknown versions, year 2012 and earlier) allows remote attackers to cause a denial
7.5
HIGH
CVE-2012-5363
< 6.0.2
The IPv6 implementation in FreeBSD and NetBSD (unknown versions, year 2012 and earlier) allows remote attackers to cause a denial
7.5
HIGH
CVE-2011-2480
all versions
Information Disclosure vulnerability in the 802.11 stack, as used in FreeBSD before 8.2 and NetBSD when using certain non-x86 arch
7.5
HIGH
CVE-2017-1000378
<= 7.1
The NetBSD qsort() function is recursive, and not randomized, an attacker can construct a pathological input array of N elements t
9.8
CRITICAL
CVE-2017-1000375
<= 7.1
NetBSD maps the run-time link-editor ld.so directly below the stack region, even if ASLR is enabled, this allows attackers to more
9.8
CRITICAL
CVE-2017-1000374
<= 7.1
A flaw exists in NetBSD's implementation of the stack guard page that allows attackers to bypass it resulting in arbitrary code ex
9.8
CRITICAL
CVE-2016-6253
all versions
mail.local in NetBSD versions 6.0 through 6.0.6, 6.1 through 6.1.5, and 7.0 allows local users to change ownership of or append da
7.8
HIGH
CVE-2015-8212
all versions
CGI handling flaw in bozohttpd in NetBSD 6.0 through 6.0.6, 6.1 through 6.1.5, and 7.0 allows remote attackers to execute arbitrar
9.8
CRITICAL
CVE-2015-5917
all versions
The glob implementation in tnftpd (formerly lukemftpd), as used in Apple OS X before 10.11, allows remote attackers to cause a den
CVE-2014-7250
all versions
The TCP stack in 4.3BSD Net/2, as used in FreeBSD 5.4, NetBSD possibly 2.0, and OpenBSD possibly 3.6, does not properly implement
CVE-2014-8517
all versions
The fetch_url function in usr.bin/ftp/fetch.c in tnftp, as used in NetBSD 5.1 through 5.1.4, 5.2 through 5.2.2, 6.0 through 6.0.6,
CVE-2014-3566
all versions
The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easi
3.4
LOW
CVE-2014-5384
all versions
The VIQR module in the iconv implementation in FreeBSD 10.0 before p6 and NetBSD allows context-dependent attackers to cause a den
CVE-2014-3951
all versions
The HZ module in the iconv implementation in FreeBSD 10.0 before p6 and NetBSD allows context-dependent attackers to cause a denia
CVE-2014-5015
all versions
bozotic HTTP server (aka bozohttpd) before 20140708, as used in NetBSD, truncates paths when checking .htpasswd restrictions, whic
CVE-2007-6754
all versions
The ipalloc function in libc/stdlib/malloc.c in jemalloc in libc for FreeBSD 6.4 and NetBSD does not properly allocate memory, whi
CVE-2006-7252
all versions
Integer overflow in the calloc function in libc/stdlib/malloc.c in jemalloc in libc for FreeBSD 6.4 and NetBSD makes it easier for
CVE-2012-0217
<= 6.0
The x86-64 kernel system-call functionality in Xen 4.1.2 and earlier, as used in Citrix XenServer 6.0.2 and earlier and other prod
CVE-2011-2393
all versions
The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in FreeBSD, NetBSD, and possibly other BSD-based operating s
CVE-2011-2895
all versions
The LZW decompressor in (1) the BufCompressedFill function in fontfile/decompress.c in X.Org libXfont before 1.4.4 and (2) compres
CVE-2011-0418
all versions
The glob implementation in Pure-FTPd before 1.0.32, and in libc in NetBSD 5.1, does not properly expand expressions containing cur
CVE-2011-1920
all versions
The make include files in NetBSD before 1.6.2, as used in pmake 1.111 and other products, allow local users to overwrite arbitrary
CVE-2011-0419
all versions
Stack consumption vulnerability in the fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library before
CVE-2011-1547
all versions
Multiple stack consumption vulnerabilities in the kernel in NetBSD 4.0, 5.0 before 5.0.3, and 5.1 before 5.1.1, when IPsec is enab
CVE-2010-4755
all versions
The (1) remote_glob function in sftp-glob.c and the (2) process_put function in sftp.c in OpenSSH 5.8 and earlier, as used in Free
CVE-2010-4754
all versions
The glob implementation in libc in FreeBSD 7.3 and 8.1, NetBSD 5.0.2, and OpenBSD 4.7, and Libsystem in Apple Mac OS X before 10.6
CVE-2010-2530
<= 5.0.2
Multiple integer signedness errors in smb_subr.c in the netsmb module in the kernel in NetBSD 5.0.2 and earlier, FreeBSD, and Appl
CVE-2010-3014
all versions
The Coda filesystem kernel module, as used in NetBSD and FreeBSD, when Coda is loaded and Venus is running with /coda mounted, all
CVE-2010-0561
all versions
Integer signedness error in NetBSD 4.0, 5.0, and NetBSD-current before 2010-01-21 allows local users to cause a denial of service
CVE-2009-2793
<= 5.0.1
The kernel in NetBSD, probably 5.0.1 and earlier, on x86 platforms does not properly handle a pre-commit failure of the iret instr
CVE-2009-0687
all versions
The pf_test_rule function in OpenBSD Packet Filter (PF), as used in OpenBSD 4.2 through 4.5, NetBSD 5.0 before RC3, MirOS 10 and e
CVE-2009-2483
all versions
libprop/prop_object.c in proplib in NetBSD 4.0 and 4.0.1 allows local users to cause a denial of service (NULL pointer dereference
CVE-2009-2482
all versions
The pam_unix module in OpenPAM in NetBSD 4.0 before 4.0.2 and 5.0 before 5.0.1 allows local users to change the current root passw
CVE-2009-0689
all versions
Array index error in the (1) dtoa implementation in dtoa.c (aka pdtoa.c) and the (2) gdtoa (aka new dtoa) implementation in gdtoa/
CVE-2008-4609
all versions
The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably othe
CVE-2008-2476
all versions
The IPv6 Neighbor Discovery Protocol (NDP) implementation in (1) FreeBSD 6.3 through 7.1, (2) OpenBSD 4.2 and 4.3, (3) NetBSD, (4)
CVE-2008-4247
all versions
ftpd in OpenBSD 4.3, FreeBSD 7.0, NetBSD 4.0, Solaris, and possibly other operating systems interprets long commands from an FTP c
CVE-2008-3584
all versions
NetBSD 3.0, 3.1, and 4.0, when a pppoe instance exists, does not properly check the length of a PPPoE packet tag, which allows rem
CVE-2008-2464
all versions
The mld_input function in sys/netinet6/mld6.c in the kernel in NetBSD 4.0, FreeBSD, and KAME, when INET6 is enabled, allows remote
CVE-2008-1391
all versions
Multiple integer overflows in libc in NetBSD 4.x, FreeBSD 6.x and 7.x, and probably other BSD and Apple Mac OS platforms allow con
CVE-2008-1335
all versions
The ipsec4_get_ulp function in the kernel in NetBSD 2.0 through 3.1 and NetBSD-current before 20071028, when the fast_ipsec subsys
CVE-2008-1215
all versions
Stack-based buffer overflow in the command_Expand_Interpret function in command.c in ppp (aka user-ppp), as distributed in FreeBSD
CVE-2007-3654
all versions
The display driver allocattr functions in NetBSD 3.0 through 4.0_BETA2, and NetBSD-current before 20070728, allow local users to c
CVE-2007-1677
all versions
Multiple buffer overflows in the ISO network protocol support in the NetBSD kernel 2.0 through 4.0_BETA2, and NetBSD-current befor
CVE-2007-1523
all versions
Heap-based buffer overflow in the kernel in NetBSD 3.0, certain versions of FreeBSD and OpenBSD, and possibly other BSD derived op
CVE-2006-6730
all versions
OpenBSD and NetBSD permit usermode code to kill the display server and write to the X.Org /dev/xf86 device, which allows local use
CVE-2006-6657
all versions
The if_clone_list function in NetBSD-current before 20061027, NetBSD 3.0 and 3.0.1 before 20061027, and NetBSD 2.x before 20061119
CVE-2006-6656
all versions
Unspecified vulnerability in ptrace in NetBSD-current before 20061027, NetBSD 3.0 and 3.0.1 before 20061027, and NetBSD 2.x before
CVE-2006-6655
all versions
The procfs implementation in NetBSD-current before 20061023, NetBSD 3.0 and 3.0.1 before 20061024, and NetBSD 2.x before 20061029
CVE-2006-6654
all versions
The sendmsg function in NetBSD-current before 20061023, NetBSD 3.0 and 3.0.1 before 20061024, and NetBSD 2.x before 20061029, when
CVE-2006-6653
all versions
The accept function in NetBSD-current before 20061023, NetBSD 3.0 and 3.0.1 before 20061024, and NetBSD 2.x before 20061029 allows
CVE-2006-6652
all versions
Buffer overflow in the glob implementation (glob.c) in libc in NetBSD-current before 20050914, NetBSD 2.
and 3.
before 20061203,
CVE-2006-6397
all versions
Integer overflow in banner/banner.c in FreeBSD, NetBSD, and OpenBSD might allow local users to modify memory via a long banner. N
CVE-2006-6165
all versions
ld.so in FreeBSD, NetBSD, and possibly other BSD distributions does not remove certain harmful environment variables, which allows
7.8
HIGH
CVE-2006-6014
all versions
The NetBSD-current kernel before 20061028 does not properly perform bounds checking of an unspecified userspace parameter in the p
CVE-2006-6013
all versions
Integer signedness error in the fw_ioctl (FW_IOCTL) function in the FireWire (IEEE-1394) drivers (dev/firewire/fwdev.c) in various
CVE-2006-5218
all versions
Integer overflow in the systrace_preprepl function (STRIOCREPLACE) in systrace in OpenBSD 3.9 and NetBSD 3 allows local users to c
CVE-2006-5215
<= current
The Xsession script, as used by X Display Manager (xdm) in NetBSD before 20060212, X.Org before 20060317, and Solaris 8 through 10
CVE-2006-5214
all versions
Race condition in the Xsession script, as used by X Display Manager (xdm) in NetBSD before 20060212, X.Org before 20060225, and So
CVE-2006-4304
all versions
Buffer overflow in the sppp driver in FreeBSD 4.11 through 6.1, NetBSD 2.0 through 4.0 beta before 20060823, and OpenBSD 3.8 and 3
CVE-2006-3202
all versions
The ip6_savecontrol function in NetBSD 2.0 through 3.0, under certain configurations, does not check to see if IPv4-mapped sockets
CVE-2006-2205
all versions
The audio_write function in NetBSD 3.0 allows local users to cause a denial of service (kernel crash) by using the audiosetinfo io
CVE-2006-1833
all versions
Intel RNG Driver in NetBSD 1.6 through 3.0 may incorrectly detect the presence of the pchb interface, which will cause it to alway
CVE-2006-1814
all versions
NetBSD 1.6, 2.0, 2.1 and 3.0 allows local users to cause a denial of service (memory exhaustion) by using the sysctl system call t
CVE-2006-1797
all versions
The kernel in NetBSD-current before September 28, 2005 allows local users to cause a denial of service (system crash) by using the
CVE-2006-1589
all versions
The elf_load_file function in NetBSD 2.0 through 3.0 allows local users to cause a denial of service (kernel crash) via an ELF int
CVE-2006-1588
all versions
The bridge ioctl (if_bridge code) in NetBSD 1.6 through 3.0 does not clear sensitive memory before copying ioctl results to the re
CVE-2006-1587
all versions
NetBSD 1.6 up to 3.0, when a user has "set record" in .mailrc with the default umask set, creates the record file with 0644 permis
CVE-2006-0905
all versions
A "programming error" in fast_ipsec in FreeBSD 4.8-RELEASE through 6.1-STABLE and NetBSD 2 through 3 does not properly update the
CVE-2006-0145
all versions
The kernfs_xread function in kernfs in NetBSD 1.6 through 2.1, and OpenBSD 3.8, does not properly validate file offsets against ne
CVE-2005-4783
all versions
kernfs_xread in kernfs_vnops.c in NetBSD before 20050831 does not check for a negative offset when reading the message buffer, whi
CVE-2005-4782
all versions
NetBSD 2.0 before 2.0.4, 2.1 before 2.1.1, and 3, when the kernel is compiled with "options DIAGNOSTIC," allows local users to cau
CVE-2005-4779
all versions
verifiedexecioctl in verified_exec.c in NetBSD 2.0.2 calls NDINIT with UIO_USERSPACE rather than UID_SYSSPACE, which removes the f
CVE-2005-4776
all versions
Integer overflow in the FreeBSD compatibility code (freebsd_misc.c) in NetBSD-current, NetBSD-3, NetBSD-2.0, and NetBSD-2 before 2
CVE-2005-4741
all versions
NetBSD 1.6, NetBSD 2.0 through 2.1, and NetBSD-current before 20051031 allows local users to gain privileges by attaching a debugg
CVE-2005-4733
all versions
NetBSD 2.0 before 20050316 and NetBSD-current before 20050112 allow local users to cause a denial of service (infinite loop and sy
CVE-2005-4691
all versions
imake in NetBSD before 2.0.3, NetBSD-current before 12 September 2005, certain versions of X.Org, and certain versions of XFree86
CVE-2005-4352
all versions
The securelevels implementation in NetBSD 2.1 and earlier, and Linux 2.6.15 and earlier, allows local users to bypass time setting
CVE-2005-2134
all versions
The (1) clcs and (2) emuxki drivers in NetBSD 1.6 through 2.0.2 allow local users to cause a denial of service (kernel crash) by u
CVE-2004-2012
all versions
The systrace_exit function in the systrace utility for NetBSD-current and 2.0 before April 16, 2004, and certain FreeBSD ports, do
CVE-2004-1374
all versions
Multiple buffer overflows in NetBSD kernel may allow local users to execute arbitrary code and gain privileges.
CVE-2004-1323
all versions
Multiple syscalls in the compat subsystem for NetBSD before 2.0 allow local users to cause a denial of service (kernel crash) via
CVE-2004-0257
all versions
OpenBSD 3.4 and NetBSD 1.6 and 1.6.1 allow remote attackers to cause a denial of service (crash) by sending an IPv6 packet with a
CVE-2004-0230
all versions
TCP, when using a large Window Size, makes it easier for remote attackers to guess sequence numbers and cause a denial of service
CVE-2004-0114
<= 1.3
The shmat system call in the System V Shared Memory interface for FreeBSD 5.2 and earlier, NetBSD 1.3 and earlier, and OpenBSD 2.6
CVE-2003-0914
all versions
ISC BIND 8.3.x before 8.3.7, and 8.4.x before 8.4.3, allows remote attackers to poison the cache via a malicious name server that
CVE-2003-0730
all versions
Multiple integer overflows in the font libraries for XFree86 4.3.0 allow local or remote attackers to cause a denial of service or
CVE-2003-0694
all versions
The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstr
CVE-2003-0681
all versions
A "potential buffer overflow in ruleset parsing" for Sendmail 8.12.9, when using the nonstandard rulesets (1) recipient (2), final
CVE-2003-0653
all versions
The OSI networking kernel (sys/netiso) in NetBSD 1.6.1 and earlier does not use a BSD-required "PKTHDR" mbuf when sending certain
CVE-2003-0466
>= 1.5 and <= 1.6.1
Off-by-one error in the fb_realpath() function, as derived from the realpath function in BSD, may allow attackers to execute arbit
9.8
CRITICAL
CVE-2002-1476
all versions
Buffer overflow in setlocale in libc on NetBSD 1.4.x through 1.6, and possibly other operating systems, when called with the LC_AL
CVE-2002-1500
all versions
Buffer overflow in (1) mrinfo, (2) mtrace, and (3) pppd in NetBSD 1.4.x through 1.6 allows local users to gain privileges by execu
CVE-2002-1490
all versions
NetBSD 1.4 through 1.6 beta allows local users to cause a denial of service (kernel panic) via a series of calls to the TIOCSCTTY
CVE-2002-1543
all versions
Buffer overflow in trek on NetBSD 1.5 through 1.5.3 allows local users to gain privileges via long keyboard input.
CVE-2003-0102
all versions
Buffer overflow in tryelf() in readelf.c of the file command allows attackers to execute arbitrary code as the user running file,
CVE-2002-1337
all versions
Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote attackers to execute arbitrary code via certain formatted address fields,
CVE-2003-0001
all versions
Multiple ethernet Network Interface Card (NIC) device drivers do not pad frames with null bytes, which allows remote attackers to
CVE-2002-2245
all versions
ftpd in NetBSD 1.5 through 1.5.3 and 1.6 does not properly quote a digit in response to a STAT command for a filename that contain
CVE-2002-2092
all versions
Race condition in exec in OpenBSD 4.0 and earlier, NetBSD 1.5.2 and earlier, and FreeBSD 4.4 and earlier allows local users to gai
CVE-2002-1915
all versions
tip on multiple BSD-based operating systems allows local users to cause a denial of service (execution prevention) by using flock(
5.5
MEDIUM
CVE-2002-0666
all versions
IPSEC implementations including (1) FreeS/WAN and (2) KAME do not properly calculate the length of authentication data, which allo
CVE-2002-1194
all versions
Buffer overflow in talkd on NetBSD 1.6 and earlier, and possibly other operating systems, may allow remote attackers to execute ar
CVE-2002-1192
all versions
Multiple buffer overflows in rogue on NetBSD 1.6 and earlier, FreeBSD 4.6, and possibly other operating systems, allows local user
CVE-2002-1165
all versions
Sendmail Consortium's Restricted Shell (SMRSH) in Sendmail 8.12.6, 8.11.6-15, and possibly other versions after 8.11 from 5/19/199
CVE-2002-0414
all versions
KAME-derived implementations of IPsec on NetBSD 1.5.2, FreeBSD 4.5, and other operating systems, does not properly consult the Sec
CVE-2000-1208
all versions
Format string vulnerability in startprinting() function of printjob.c in BSD-based lpr lpd package may allow local users to gain p
CVE-2002-0381
all versions
The TCP implementation in various BSD operating systems (tcp_input.c) does not properly block connections to broadcast addresses,
CVE-2002-0004
all versions
Heap corruption vulnerability in the "at" program allows local users to execute arbitrary code via a malformed execution time, whi
CVE-2001-0734
all versions
Hitachi Super-H architecture in NetBSD 1.5 and 1.4.1 allows a local user to gain privileges via modified Status Register contents,
CVE-2001-0670
<= 1.5.1
Buffer overflow in BSD line printer daemon (in.lpd or lpd) in various BSD-based operating systems allows remote attackers to execu
CVE-2001-0710
<= 1.5
NetBSD 1.5 and earlier and FreeBSD 4.3 and earlier allows a remote attacker to cause a denial of service by sending a large number
CVE-2001-1091
all versions
The (1) dump and (2) dump_lfs commands in NetBSD 1.4.x through 1.5.1 do not properly drop privileges, which could allow local user
CVE-2001-1145
all versions
fts routines in FreeBSD 4.3 and earlier, NetBSD before 1.5.2, and OpenBSD 2.9 and earlier can be forced to change (chdir) into a d
CVE-2001-0554
all versions
Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary comma
CVE-2001-0993
all versions
sendmsg function in NetBSD 1.3 through 1.5 allows local users to cause a denial of service (kernel trap or panic) via a msghdr str
CVE-2001-1244
all versions
Multiple TCP implementations could allow remote attackers to cause a denial of service (bandwidth and CPU exhaustion) by setting t
CVE-2001-0247
all versions
Buffer overflows in BSD-based FTP servers allows remote attackers to execute arbitrary commands via a long pattern string containi
CVE-2001-0268
<= 1.5
The i386_set_ldt system call in NetBSD 1.5 and earlier, and OpenBSD 2.8 and earlier, when the USER_LDT kernel option is enabled, d
CVE-2000-0315
<= 1.3.3
traceroute in NetBSD 1.3.3 and Linux systems allows local unprivileged users to modify the source address of the packets, which co
CVE-2000-0314
<= 1.3.3
traceroute in NetBSD 1.3.3 and Linux systems allows local users to flood other systems by providing traceroute with a large waitti
CVE-2001-0033
all versions
KTH Kerberos IV allows local users to change the configuration of a Kerberos server running at an elevated privilege by specifying
CVE-2001-0053
all versions
One-byte buffer overflow in replydirname function in BSD-based ftpd allows remote attackers to gain root privileges.
CVE-2000-0997
all versions
Format string vulnerabilities in eeprom program in OpenBSD, NetBSD, and possibly other operating systems allows local attackers to
CVE-2000-0993
all versions
Format string vulnerability in pw_error function in BSD libutil library allows local users to gain root privileges via a malformed
CVE-2000-0751
all versions
mopd (Maintenance Operations Protocol loader daemon) does not properly cleanse user-injected format strings, which allows remote a
CVE-2000-0750
all versions
Buffer overflow in mopd (Maintenance Operations Protocol loader daemon) allows remote attackers to execute arbitrary commands via
CVE-2000-0461
all versions
The undocumented semconfig system call in BSD freezes the state of semaphores, which allows local users to cause a denial of servi
CVE-2000-0462
all versions
ftpd in NetBSD 1.4.2 does not properly parse entries in /etc/ftpchroot and does not chroot the specified users, which allows those
CVE-2000-0456
all versions
NetBSD 1.4.2 and earlier allows local users to cause a denial of service by repeatedly running certain system calls in the kernel
CVE-2000-0440
all versions
NetBSD 1.4.2 and earlier allows remote attackers to cause a denial of service by sending a packet with an unaligned IP timestamp o
CVE-2000-0094
all versions
procfs in BSD systems allows local users to gain root privileges by modifying the /proc/pid/mem interface via a modified file desc
CVE-2000-0157
all versions
NetBSD ptrace call on VAX allows local users to gain privileges by modifying the PSL contents in the debugging process.
CVE-2000-0092
all versions
The BSD make program allows local users to modify files via a symlink attack when the -j option is being used.
CVE-2000-0489
all versions
FreeBSD, NetBSD, and OpenBSD allow an attacker to cause a denial of service by creating a large number of socket pairs using the s
CVE-1999-0674
all versions
The BSD profil system call allows a local user to modify the internal data space of a program via profiling and execve.
CVE-1999-1518
all versions
Operating systems with shared memory implementations based on BSD 4.4 code allow a user to conduct a denial of service and bypass
CVE-1999-0764
all versions
NetBSD allows ARP packets to overwrite static ARP entries.
CVE-1999-0763
all versions
NetBSD on a multi-homed host allows ARP packets on one network to modify ARP entries on another connected network.
CVE-1999-0466
all versions
The SVR4 /dev/wabi special device file in NetBSD 1.3.3 and earlier allows a local user to read or write arbitrary files on the dis
CVE-1999-0446
all versions
Local users can perform a denial of service in NetBSD 1.3.3 and earlier versions by creating an unusual symbolic link with the ln
CVE-1999-0434
all versions
XFree86 xfs command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly al
CVE-1999-0433
all versions
XFree86 startx command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly
CVE-1999-0422
all versions
In some cases, NetBSD 1.3.3 mount allows local users to execute programs in some file systems that have the "noexec" flag set.
CVE-1999-0420
all versions
umapfs allows local users to gain root privileges by changing their uid through a malicious mount_umap program.
CVE-1999-0396
all versions
A race condition between the select() and accept() calls in NetBSD TCP servers allows remote attackers to cause a denial of servic
CVE-1999-0367
all versions
NetBSD netstat command allows local users to access kernel memory.
CVE-1999-1409
<= 1.3.2
The at program in IRIX 6.2 and NetBSD 1.3.2 and earlier allows local users to read portions of arbitrary files by submitting the f
CVE-1999-0303
all versions
Buffer overflow in BNU UUCP daemon (uucpd) through long hostnames.
CVE-1999-0011
all versions
Denial of Service vulnerabilities in BIND 4.9 and BIND 8 Releases via CNAME record and zone transfer.
5.4
MEDIUM
CVE-1999-0010
all versions
Denial of Service vulnerability in BIND 8 Releases via maliciously formatted DNS messages.
CVE-1999-0009
all versions
Inverse query buffer overflow in BIND 4.9 and BIND 8 Releases.
CVE-1999-0323
all versions
FreeBSD mmap function allows users to modify append-only or immutable files.
CVE-1999-0304
all versions
mmap function in BSD allows local attackers in the kmem group to modify memory through devices.
CVE-1999-0513
all versions
ICMP messages to broadcast addresses are allowed, allowing for a Smurf attack that can cause a denial of service.
CVE-1999-0015
all versions
Teardrop IP denial of service.
CVE-1999-0017
all versions
FTP servers can allow an attacker to connect to arbitrary ports on machines other than the FTP client, aka FTP bounce.
CVE-1999-0016
all versions
Land IP denial of service.
CVE-1999-1214
all versions
The asynchronous I/O facility in 4.4 BSD kernel does not check user credentials when setting the recipient of I/O notification, wh
CVE-1999-1225
all versions
rpc.mountd on Linux, Ultrix, and possibly other operating systems, allows remote attackers to determine the existence of a file on
CVE-1999-0628
all versions
The rwho/rwhod service is running, which exposes machine status and user information.
CVE-1999-0074
all versions
Listening TCP ports are sequentially allocated, allowing spoofing attacks.
CVE-1999-0046
all versions
Buffer overflow of rlogin program using TERM environmental variable.
CVE-1999-0297
all versions
Buffer overflow in Vixie Cron library up to version 3.0 allows local users to obtain root access via a long environmental variable
CVE-1999-0085
all versions
Buffer overflow in rwhod on AIX and other operating systems allows remote attackers to execute arbitrary code via a UDP packet wit
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin