Users login

Create an account »


Users login

Home » Security Advisories » NetBSD

NetBSD Security Advisories

Here you'll find the latest security advisories from NetBSD. Our database currently contains 49 NetBSD security advisories.
Page: 1 2 out of 2

Local DoS via audio device with specific drivers | 2005-002 | June 30, 2005
With CS4280/4281, or SB Live, or SB PC 512 audio hardware, a local user of the audio device can crash the machine through the ioctl system call.

Crypto leaks across HT CPUs | 2005-001 | June 30, 2005
The Pentium CPU shares caches between HyperThreads. This permits a local process to gain a side-channel against cryptographic processes running on the other HyperThread. Testing for cached data can be

Denial of service and local privilege escalation | 2004-010 | December 17, 2004
Some of the functions in /usr/src/sys/compat/* which implement execution of foreign binaries (such as Linux, FreeBSD, IRIX, OSF1, SVR4, HPUX, and ULTRIX) used argument data in unsafe ways prior to cal

Ftpd root escalation | 2004-009 | August 15, 2004
A set of flaws in the ftpd source code can be used together to achieve root access within an ftp session. With root file manipulation ability, mechanisms to gain a shell are numerous, so this issue s

CVS server vulnerability | 2004-008 | June 03, 2004
CVS had heap overflow vulnerabilities which can be trigged remotely by malicious people on the net.

NetBSD 2003-009: sendmail buffer overflow | 2003-009 | April 06, 2003
A buffer overflow vulnerability has been found in sendmail versions 8.12.8 and below which, if exploited, can allow remote attackers to issue Denial of Service attacks or execution of arbitrary code.

NetBSD 2003-006: kerberos v4 cryptographic weakness | 2003-006 | April 06, 2003
A vulnerability has been found Kerberos protocol version 4, which may allow an attacker to impersonate any principal in a realm and therefore subvert a site's entire Kerberos authentication infra

NetBSD 2003-007: encryption weakness in OpenSSL | 2003-007 | March 26, 2003
Czech cryptologists Vlastimil Klima, Ondrej Pokorny, and Tomas Rosa have come up with an extension of the "Bleichenbacher attack". This attack allows an attacker to perform a single RSA pri

NetBSD 2003-005: timing attack in OpenSSL | 2003-005 | March 26, 2003
The attack allows remote recovery of private keys, from a host with low-latency access to the server - such as the local host, or a host on the LAN.

NetBSD 2003-008: integer overflow in xdrmem_getbytes | 2003-008 | March 26, 2003
The xdrmem XDR stream object does incorrect bounds-checking. If the bounds-checking error is exploited, it may be possible for an attacker to send maliciously formatted messages.

NetBSD 2003-004: zlib format string | 2003-004 | March 26, 2003
Improper bound check in user submitted data can be used to overflow a buffer and execute arbitrary code. This vulnerability could lead to privilege escalation.

NetBSD 2002-029: named(8) multiple denial of service and remote execution of cod | 2002-029 | November 20, 2002
Topic: named(8) multiple denial of service and remote execution of code

NetBSD 2002-028: Buffer overrun in getnetbyname/getnetbyaddr | 2002-028 | November 20, 2002
Topic: Buffer overrun in getnetbyname/getnetbyaddr

NetBSD 2002-027: ftpd STAT output non-conformance can deceive firewall devices | 2002-027 | November 20, 2002
Topic: ftpd STAT output non-conformance can deceive firewall devices

NetBSD Security Advisory 2002-024: IPFilter FTP proxy | 2002-024 | November 09, 2002
Version: NetBSD-current: source prior to September 20, 2002 NetBSD 1.6: affected NetBSD-1.5.3: affected NetBSD-1.5.2: affected NetBSD-1.5.1:

NetBSD Security Advisory 2002-025: trek(6) buffer overrun | 2002-025 | October 24, 2002
There is a buffer overflow in the processing of keyboard input by trek(6). On NetBSD 1.5 and prior, trek(6) is executed via dm(8), so a malicious local user could elevate privilege to group "

NetBSD Security Advisory 2002-026: Buffer overflow in kadmind daemon | 2002-026 | October 23, 2002
Kadmind is the server for administrative access to kerberos database, and comes from the Heimdal Kerberos implementation used by NetBSD. In Heimdal releases earlier than 0.5.1 kadmind has a buffer

NetBSD Security Advisory 2002-016: Insufficient length check in ESP authenticati | 2002-016 | October 23, 2002
Topic: Insufficient length check in ESP authentication data

NetBSD Security Advisory 2002-023 - sendmail smrsh bypass | 2002-023 | October 09, 2002
If smrsh (sendmail restricted shell) is in use with sendmail, local user can bypass access restrictions imposed by smrsh.

NetBSD 2002-011-Sun RPC XDR decoder contains buffer overflow | 2002-011 | August 03, 2002
Integer overflows exist in the RPC code in libc. These cause a buffer to be mistakenly allocated too small, and then overflown. amd and amq, the Automounter and its query tool, and the rusers clie

NetBSD 2002-010-symlink race in pppd | 2002-010 | August 03, 2002
Version: NetBSD-current: source prior to July 31, 2002 NetBSD-1.6 beta: affected NetBSD-1.5.3: affected NetBSD-1.5.2: affected NetBSD-1.5.1: affected NetBSD-1.5: affected NetBSD-1.

NetBSD 2002-009-Multiple vulnerabilities in OpenSSL code | 2002-009 | August 03, 2002
Version: NetBSD-current: source prior to July 30, 2002 NetBSD-1.6 beta: affected NetBSD-1.5.3: affected NetBSD-1.5.2: affected NetBSD-1.5.1: affected NetBSD-1.5: affected NetBSD-1.4.

NetBSD 2002-004-Off-by-one error in openssh session | 2002-004 | March 13, 2002
OpenSSH prior to version 3.1 has an off-by-one error in the channel code. This bug can be exploited locally by an authenticated user logging into a vulnerable OpenSSH server or remotely by a malicio

NetBSD -gzip buffer overrun with long filename | | March 13, 2002
/usr/bin/gzip, a file compression program, does not properly check supplied filenames against its buffer size. It could lead to execution of arbitrary code under the privilege with which gzip is r

Page: 1 2 out of 2

Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.


Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »