Netbsd : Security Vulnerabilities, CVEs, Published In 1999
NetBSD netstat command allows local users to access kernel memory.
Max CVSS
2.1
EPSS Score
0.04%
Published
1999-02-09
Updated
2008-09-09
A race condition between the select() and accept() calls in NetBSD TCP servers allows remote attackers to cause a denial of service.
Max CVSS
2.6
EPSS Score
0.17%
Published
1999-02-17
Updated
2022-08-17
umapfs allows local users to gain root privileges by changing their uid through a malicious mount_umap program.
Max CVSS
7.2
EPSS Score
0.04%
Published
1999-03-17
Updated
2022-08-17
In some cases, NetBSD 1.3.3 mount allows local users to execute programs in some file systems that have the "noexec" flag set.
Max CVSS
4.6
EPSS Score
0.04%
Published
1999-03-17
Updated
2022-08-17
XFree86 startx command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service.
Max CVSS
4.6
EPSS Score
0.04%
Published
1999-03-21
Updated
2022-08-17
XFree86 xfs command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service.
Max CVSS
7.5
EPSS Score
0.33%
Published
1999-03-30
Updated
2008-09-09
Local users can perform a denial of service in NetBSD 1.3.3 and earlier versions by creating an unusual symbolic link with the ln command, triggering a bug in VFS.
Max CVSS
2.1
EPSS Score
0.06%
Published
1999-04-12
Updated
2008-09-09
The SVR4 /dev/wabi special device file in NetBSD 1.3.3 and earlier allows a local user to read or write arbitrary files on the disk associated with that device.
Max CVSS
7.2
EPSS Score
0.04%
Published
1999-04-21
Updated
2008-09-09
The BSD profil system call allows a local user to modify the internal data space of a program via profiling and execve.
Max CVSS
7.2
EPSS Score
0.04%
Published
1999-08-09
Updated
2018-10-30
NetBSD on a multi-homed host allows ARP packets on one network to modify ARP entries on another connected network.
Max CVSS
6.4
EPSS Score
0.70%
Published
1999-05-01
Updated
2008-09-09
NetBSD allows ARP packets to overwrite static ARP entries.
Max CVSS
6.4
EPSS Score
0.70%
Published
1999-05-01
Updated
2008-09-09
Operating systems with shared memory implementations based on BSD 4.4 code allow a user to conduct a denial of service and bypass memory limits (e.g., as specified with rlimits) using mmap or shmget to allocate memory and cause page faults.
Max CVSS
5.0
EPSS Score
0.58%
Published
1999-07-15
Updated
2017-12-19
FreeBSD, NetBSD, and OpenBSD allow an attacker to cause a denial of service by creating a large number of socket pairs using the socketpair function, setting a large buffer size via setsockopt, then writing large buffers.
Max CVSS
2.1
EPSS Score
0.07%
Published
1999-09-05
Updated
2017-10-10
13 vulnerabilities found