
CVSS: 7.8 • EPSS: 0% • CPEs: 8 • EXPL: 0

31 Dec 2005 — NetBSD 1.6, NetBSD 2.0 through 2.1, and NetBSD-current before 20051031 allows local users to gain privileges by attaching a debugger to a setuid/setgid (P_SUGID) process that performs an exec without a reset of real credentials. • ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2005-013.txt.asc •

CVSS: 7.8 • EPSS: 0% • CPEs: 3 • EXPL: 0

31 Dec 2005 — verifiedexecioctl in verified_exec.c in NetBSD 2.0.2 calls NDINIT with UIO_USERSPACE rather than UIO_SYSSPACE, which removes the functionality of the verified exec kernel subsystem and might allow local users to execute Trojan horse programs. • http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/dev/verified_exec.c.diff?r1=1.4&r2=1.4.2.1&f=h •

CVSS: 5.5 • EPSS: 0% • CPEs: 5 • EXPL: 0

31 Dec 2005 — NetBSD 2.0 before 2.0.4, 2.1 before 2.1.1, and 3, when the kernel is compiled with "options DIAGNOSTIC," allows local users to cause a denial of service (kernel assertion panic) via a negative linger time in the SO_LINGER socket option. • http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/kern/uipc_socket.c.diff?r1=1.111&r2=1.112 •

CVSS: 5.5 • EPSS: 0% • CPEs: 4 • EXPL: 0

31 Dec 2005 — kernfs_xread in kernfs_vnops.c in NetBSD before 20050831 does not check for a negative offset when reading the message buffer, which allows local users to read arbitrary kernel memory. • http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/miscfs/kernfs/kernfs_vnops.c •

CVSS: 5.5 • EPSS: 0% • CPEs: 6 • EXPL: 0

05 Jul 2005 — The (1) clcs and (2) emuxki drivers in NetBSD 1.6 through 2.0.2 allow local users to cause a denial of service (kernel crash) by using the set-parameters ioctl on an audio device to change the block size and set the pause state to "unpaused" in the same ioctl, which causes a divide-by-zero error. • ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2005-002.txt.asc •

CVSS: 8.2 • EPSS: 15% • CPEs: 58 • EXPL: 0

02 Dec 2003 — ISC BIND 8.3.x before 8.3.7, and 8.4.x before 8.4.3, allows remote attackers to poison the cache via a malicious name server that returns negative responses with a large TTL (time-to-live) value. • ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2004-003.0/CSSA-2004-003.0.txt •

CVSS: 10.0 • EPSS: 27% • CPEs: 87 • EXPL: 3

14 Aug 2001 — Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function. • https://www.exploit-db.com/exploits/21018 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVSS: 10.0 • EPSS: 79% • CPEs: 76 • EXPL: 2

08 Apr 1998 — Inverse query buffer overflow in BIND 4.9 and BIND 8 Releases. • https://www.exploit-db.com/exploits/19111 •

CVSS: 10.0 • EPSS: 3% • CPEs: 42 • EXPL: 1

06 Feb 1997 — Buffer overflow of rlogin program using TERM environmental variable. • https://www.exploit-db.com/exploits/19203 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •