Netbsd : Security Vulnerabilities, CVEs, Published In 2000
Buffer overflow in mopd (Maintenance Operations Protocol loader daemon) allows remote attackers to execute arbitrary commands via a long file name.
Max CVSS
7.5
EPSS Score
0.89%
Published
2000-10-20
Updated
2008-09-10
mopd (Maintenance Operations Protocol loader daemon) does not properly cleanse user-injected format strings, which allows remote attackers to execute arbitrary commands.
Max CVSS
7.5
EPSS Score
9.15%
Published
2000-10-20
Updated
2008-09-05
procfs in BSD systems allows local users to gain root privileges by modifying the /proc/pid/mem interface via a modified file descriptor for stderr.
Max CVSS
7.2
EPSS Score
0.04%
Published
2000-02-16
Updated
2018-05-03
NetBSD ptrace call on VAX allows local users to gain privileges by modifying the PSL contents in the debugging process.
Max CVSS
7.2
EPSS Score
0.05%
Published
2000-02-01
Updated
2008-09-10
Format string vulnerability in pw_error function in BSD libutil library allows local users to gain root privileges via a malformed password in commands such as chpass or passwd.
Max CVSS
7.2
EPSS Score
0.04%
Published
2000-12-19
Updated
2017-10-10
Format string vulnerabilities in eeprom program in OpenBSD, NetBSD, and possibly other operating systems allows local attackers to gain root privileges.
Max CVSS
7.2
EPSS Score
0.05%
Published
2000-12-19
Updated
2018-05-03
The BSD make program allows local users to modify files via a symlink attack when the -j option is being used.
Max CVSS
6.2
EPSS Score
0.05%
Published
2000-01-19
Updated
2011-03-08
NetBSD 1.4.2 and earlier allows remote attackers to cause a denial of service by sending a packet with an unaligned IP timestamp option.
Max CVSS
5.0
EPSS Score
3.18%
Published
2000-05-01
Updated
2008-09-10
NetBSD 1.4.2 and earlier allows local users to cause a denial of service by repeatedly running certain system calls in the kernel which do not yield the CPU, aka "cpu-hog".
Max CVSS
2.1
EPSS Score
0.04%
Published
2000-05-28
Updated
2008-09-10
The undocumented semconfig system call in BSD freezes the state of semaphores, which allows local users to cause a denial of service of the semaphore system by using the semconfig call.
Max CVSS
2.1
EPSS Score
0.04%
Published
2000-05-29
Updated
2008-09-10
ftpd in NetBSD 1.4.2 does not properly parse entries in /etc/ftpchroot and does not chroot the specified users, which allows those users to access other files outside of their home directory.
Max CVSS
2.1
EPSS Score
0.05%
Published
2000-05-28
Updated
2008-09-10
11 vulnerabilities found