CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2006-0145
https://notcve.org/view.php?id=CVE-2006-0145
09 Jan 2006 — The kernfs_xread function in kernfs in NetBSD 1.6 through 2.1, and OpenBSD 3.8, does not properly validate file offsets against negative 32-bit values that occur as a result of truncation, which allows local users to read arbitrary kernel memory and gain privileges via the lseek system call. • ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2006-001.txt.asc •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2005-4733
https://notcve.org/view.php?id=CVE-2005-4733
31 Dec 2005 — NetBSD 2.0 before 20050316 and NetBSD-current before 20050112 allow local users to cause a denial of service (infinite loop and system hang) by calling the F_CLOSEM fcntl with a parameter value of 0. • ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2005-003.txt.asc •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2005-4779
https://notcve.org/view.php?id=CVE-2005-4779
31 Dec 2005 — verifiedexecioctl in verified_exec.c in NetBSD 2.0.2 calls NDINIT with UIO_USERSPACE rather than UID_SYSSPACE, which removes the functionality of the verified exec kernel subsystem and might allow local users to execute Trojan horse programs. • http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/dev/verified_exec.c.diff?r1=1.4&r2=1.4.2.1&f=h •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2005-4782
https://notcve.org/view.php?id=CVE-2005-4782
31 Dec 2005 — NetBSD 2.0 before 2.0.4, 2.1 before 2.1.1, and 3, when the kernel is compiled with "options DIAGNOSTIC," allows local users to cause a denial of service (kernel assertion panic) via a negative linger time in the SO_LINGER socket option. • http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/kern/uipc_socket.c.diff?r1=1.111&r2=1.112 •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2005-4776
https://notcve.org/view.php?id=CVE-2005-4776
31 Dec 2005 — Integer overflow in the FreeBSD compatibility code (freebsd_misc.c) in NetBSD-current, NetBSD-3, NetBSD-2.0, and NetBSD-2 before 20050913; and NetBSD-1.6 before 20050914; allows local users to cause a denial of service (heap corruption or system crash) and possibly gain root privileges. • ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2005-008.txt.asc •
CVSS: 5.5EPSS: 0%CPEs: 80EXPL: 2CVE-2005-4352
https://notcve.org/view.php?id=CVE-2005-4352
31 Dec 2005 — The securelevels implementation in NetBSD 2.1 and earlier, and Linux 2.6.15 and earlier, allows local users to bypass time setting restrictions and set the clock backwards by setting the clock ahead to the maximum unixtime value (19 Jan 2038), which then wraps around to the minimum value (13 Dec 1901), which can then be set ahead to the desired time, aka "settimeofday() time wrap." • http://lists.grok.org.uk/pipermail/full-disclosure/2006-January/041178.html •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2005-4691
https://notcve.org/view.php?id=CVE-2005-4691
31 Dec 2005 — imake in NetBSD before 2.0.3, NetBSD-current before 12 September 2005, certain versions of X.Org, and certain versions of XFree86 allows local users to overwrite arbitrary files via a symlink attack on the temporary file for the file.0 target, which is used for a pre-formatted manual page. • ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2005-009.txt.asc •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2005-4741
https://notcve.org/view.php?id=CVE-2005-4741
31 Dec 2005 — NetBSD 1.6, NetBSD 2.0 through 2.1, and NetBSD-current before 20051031 allows local users to gain privileges by attaching a debugger to a setuid/setgid (P_SUGID) process that performs an exec without a reset of real credentials. • ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2005-013.txt.asc •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2005-4783
https://notcve.org/view.php?id=CVE-2005-4783
31 Dec 2005 — kernfs_xread in kernfs_vnops.c in NetBSD before 20050831 does not check for a negative offset when reading the message buffer, which allows local users to read arbitrary kernel memory. • http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/miscfs/kernfs/kernfs_vnops.c •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2005-2134
https://notcve.org/view.php?id=CVE-2005-2134
05 Jul 2005 — The (1) clcs and (2) emuxki drivers in NetBSD 1.6 through 2.0.2 allow local users to cause a denial of service (kernel crash) by using the set-parameters ioctl on an audio device to change the block size and set the pause state to "unpaused" in the same ioctl, which causes a divide-by-zero error. • ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2005-002.txt.asc •