Netbsd

Netbsd

168 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2003-0914

  • EPSS 26.75%
  • Veröffentlicht 15.12.2003 05:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

ISC BIND 8.3.x before 8.3.7, and 8.4.x before 8.4.3, allows remote attackers to poison the cache via a malicious name server that returns negative responses with a large TTL (time-to-live) value.

7.5

CVE-2003-0730

  • EPSS 5.66%
  • Veröffentlicht 20.10.2003 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Multiple integer overflows in the font libraries for XFree86 4.3.0 allow local or remote attackers to cause a denial of service or execute arbitrary code via heap-based and stack-based buffer overflow attacks.

7.5

CVE-2003-0681

  • EPSS 12.44%
  • Veröffentlicht 06.10.2003 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

A "potential buffer overflow in ruleset parsing" for Sendmail 8.12.9, when using the nonstandard rulesets (1) recipient (2), final, or (3) mailer-specific envelope recipients, has unknown consequences.

10

CVE-2003-0694

  • EPSS 76.08%
  • Veröffentlicht 06.10.2003 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c.

10

CVE-2003-0466

Exploit
  • EPSS 90.83%
  • Veröffentlicht 27.08.2003 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Off-by-one error in the fb_realpath() function, as derived from the realpath function in BSD, may allow attackers to execute arbitrary code, as demonstrated in wu-ftpd 2.5.0 through 2.6.2 via commands that cause pathnames of length MAXPATHLEN+1 to tr...

5

CVE-2003-0653

  • EPSS 0.66%
  • Veröffentlicht 27.08.2003 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

The OSI networking kernel (sys/netiso) in NetBSD 1.6.1 and earlier does not use a BSD-required "PKTHDR" mbuf when sending certain error responses to the sender of an OSI packet, which allows remote attackers to cause a denial of service (kernel panic...

4.6

CVE-2002-1476

  • EPSS 0.1%
  • Veröffentlicht 22.04.2003 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Buffer overflow in setlocale in libc on NetBSD 1.4.x through 1.6, and possibly other operating systems, when called with the LC_ALL category, allows local attackers to execute arbitrary code via a user-controlled locale string that has more than 6 el...

2.1

CVE-2002-1490

  • EPSS 0.07%
  • Veröffentlicht 02.04.2003 05:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

NetBSD 1.4 through 1.6 beta allows local users to cause a denial of service (kernel panic) via a series of calls to the TIOCSCTTY ioctl, which causes an integer overflow in a structure counter and sets the counter to zero, which frees memory that is ...

7.2

CVE-2002-1500

  • EPSS 0.15%
  • Veröffentlicht 02.04.2003 05:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Buffer overflow in (1) mrinfo, (2) mtrace, and (3) pppd in NetBSD 1.4.x through 1.6 allows local users to gain privileges by executing the programs after filling the file descriptor tables, which produces file descriptors larger than FD_SETSIZE, whic...

4.6

CVE-2002-1543

  • EPSS 0.09%
  • Veröffentlicht 31.03.2003 05:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Buffer overflow in trek on NetBSD 1.5 through 1.5.3 allows local users to gain privileges via long keyboard input.