Page 8 of 58 results (0.018 seconds)

CVSS: 2.1EPSS: 0%CPEs: 10EXPL: 0

NetBSD 1.6, 2.0, 2.1 and 3.0 allows local users to cause a denial of service (memory exhaustion) by using the sysctl system call to lock a large buffer into physical memory. • ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2006-013.txt.asc http://secunia.com/advisories/19616 http://securitytracker.com/id?1015909 http://www.osvdb.org/24579 http://www.securityfocus.com/bid/17498 https://exchange.xforce.ibmcloud.com/vulnerabilities/25764 •

CVSS: 2.1EPSS: 0%CPEs: 10EXPL: 0

NetBSD 1.6 up to 3.0, when a user has "set record" in .mailrc with the default umask set, creates the record file with 0644 permissions, which allows local users to read the record file. • ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2006-007.txt.asc http://secunia.com/advisories/19465 http://securitytracker.com/id?1015847 http://www.osvdb.org/24258 https://exchange.xforce.ibmcloud.com/vulnerabilities/25581 •

CVSS: 2.1EPSS: 0%CPEs: 10EXPL: 0

The bridge ioctl (if_bridge code) in NetBSD 1.6 through 3.0 does not clear sensitive memory before copying ioctl results to the requesting process, which allows local users to obtain portions of kernel memory. • ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2006-005.txt.asc http://secunia.com/advisories/19464 http://securitytracker.com/id?1015846 http://www.osvdb.org/24262 http://www.securityfocus.com/bid/17312 https://exchange.xforce.ibmcloud.com/vulnerabilities/25582 •

CVSS: 4.9EPSS: 0%CPEs: 6EXPL: 0

The elf_load_file function in NetBSD 2.0 through 3.0 allows local users to cause a denial of service (kernel crash) via an ELF interpreter that does not have a PT_LOAD section in its header, which triggers a null dereference. • ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2006-008.txt.asc http://securitytracker.com/id?1015848 http://www.osvdb.org/24576 https://exchange.xforce.ibmcloud.com/vulnerabilities/25690 •

CVSS: 7.5EPSS: 1%CPEs: 38EXPL: 0

A "programming error" in fast_ipsec in FreeBSD 4.8-RELEASE through 6.1-STABLE and NetBSD 2 through 3 does not properly update the sequence number associated with a Security Association, which allows packets to pass sequence number checks and allows remote attackers to capture IPSec packets and conduct replay attacks. • ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:11.ipsec.asc ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2006-011.txt.asc http://secunia.com/advisories/19366 http://securitytracker.com/id?1015809 http://www.osvdb.org/24068 http://www.securityfocus.com/bid/17191 https://exchange.xforce.ibmcloud.com/vulnerabilities/25398 •