Page 7 of 41 results (0.016 seconds)

CVSS: 2.6EPSS: 1%CPEs: 10EXPL: 0

Intel RNG Driver in NetBSD 1.6 through 3.0 may incorrectly detect the presence of the pchb interface, which will cause it to always generate the same random number, which allows remote attackers to more easily crack encryption keys generated from the interface. • ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2006-009.txt.asc http://secunia.com/advisories/19585 http://securitytracker.com/id?1015907 http://www.osvdb.org/24577 http://www.securityfocus.com/bid/17496 https://exchange.xforce.ibmcloud.com/vulnerabilities/25786 •

CVSS: 4.9EPSS: 0%CPEs: 10EXPL: 0

The kernel in NetBSD-current before September 28, 2005 allows local users to cause a denial of service (system crash) by using the SIOCGIFALIAS ioctl to gather information on a non-existent alias of a network interface, which causes a NULL pointer dereference. • http://archives.neohapsis.com/archives/netbsd/2006-q2/0014.html http://secunia.com/advisories/19615 http://securitytracker.com/id?1015908 http://www.osvdb.org/24578 http://www.securityfocus.com/bid/17497 https://exchange.xforce.ibmcloud.com/vulnerabilities/25766 •

CVSS: 2.1EPSS: 0%CPEs: 10EXPL: 0

NetBSD 1.6, 2.0, 2.1 and 3.0 allows local users to cause a denial of service (memory exhaustion) by using the sysctl system call to lock a large buffer into physical memory. • ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2006-013.txt.asc http://secunia.com/advisories/19616 http://securitytracker.com/id?1015909 http://www.osvdb.org/24579 http://www.securityfocus.com/bid/17498 https://exchange.xforce.ibmcloud.com/vulnerabilities/25764 •

CVSS: 2.1EPSS: 0%CPEs: 10EXPL: 0

NetBSD 1.6 up to 3.0, when a user has "set record" in .mailrc with the default umask set, creates the record file with 0644 permissions, which allows local users to read the record file. • ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2006-007.txt.asc http://secunia.com/advisories/19465 http://securitytracker.com/id?1015847 http://www.osvdb.org/24258 https://exchange.xforce.ibmcloud.com/vulnerabilities/25581 •

CVSS: 2.1EPSS: 0%CPEs: 10EXPL: 0

The bridge ioctl (if_bridge code) in NetBSD 1.6 through 3.0 does not clear sensitive memory before copying ioctl results to the requesting process, which allows local users to obtain portions of kernel memory. • ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2006-005.txt.asc http://secunia.com/advisories/19464 http://securitytracker.com/id?1015846 http://www.osvdb.org/24262 http://www.securityfocus.com/bid/17312 https://exchange.xforce.ibmcloud.com/vulnerabilities/25582 •