Page 8 of 60 results (0.013 seconds)

CVSS: 2.1EPSS: 0%CPEs: 10EXPL: 0

The bridge ioctl (if_bridge code) in NetBSD 1.6 through 3.0 does not clear sensitive memory before copying ioctl results to the requesting process, which allows local users to obtain portions of kernel memory. • ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2006-005.txt.asc http://secunia.com/advisories/19464 http://securitytracker.com/id?1015846 http://www.osvdb.org/24262 http://www.securityfocus.com/bid/17312 https://exchange.xforce.ibmcloud.com/vulnerabilities/25582 •

CVSS: 4.9EPSS: 0%CPEs: 6EXPL: 0

The elf_load_file function in NetBSD 2.0 through 3.0 allows local users to cause a denial of service (kernel crash) via an ELF interpreter that does not have a PT_LOAD section in its header, which triggers a null dereference. • ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2006-008.txt.asc http://securitytracker.com/id?1015848 http://www.osvdb.org/24576 https://exchange.xforce.ibmcloud.com/vulnerabilities/25690 •

CVSS: 7.5EPSS: 1%CPEs: 38EXPL: 0

A "programming error" in fast_ipsec in FreeBSD 4.8-RELEASE through 6.1-STABLE and NetBSD 2 through 3 does not properly update the sequence number associated with a Security Association, which allows packets to pass sequence number checks and allows remote attackers to capture IPSec packets and conduct replay attacks. • ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:11.ipsec.asc ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2006-011.txt.asc http://secunia.com/advisories/19366 http://securitytracker.com/id?1015809 http://www.osvdb.org/24068 http://www.securityfocus.com/bid/17191 https://exchange.xforce.ibmcloud.com/vulnerabilities/25398 •

CVSS: 4.6EPSS: 0%CPEs: 9EXPL: 0

The kernfs_xread function in kernfs in NetBSD 1.6 through 2.1, and OpenBSD 3.8, does not properly validate file offsets against negative 32-bit values that occur as a result of truncation, which allows local users to read arbitrary kernel memory and gain privileges via the lseek system call. • ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2006-001.txt.asc http://secunia.com/advisories/18388 http://secunia.com/advisories/18712 http://securityreason.com/securityalert/405 http://www.osvdb.org/22293 http://www.securityfocus.com/archive/1/423827/100/0/threaded http://www.securityfocus.com/bid/16173 http://www.securitylab.net/research/2006/02/advisory_netbsd_openbsd_kernfs.html https://exchange.xforce.ibmcloud.com/vulnerabilities/24035 •

CVSS: 2.1EPSS: 0%CPEs: 4EXPL: 0

kernfs_xread in kernfs_vnops.c in NetBSD before 20050831 does not check for a negative offset when reading the message buffer, which allows local users to read arbitrary kernel memory. • http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/miscfs/kernfs/kernfs_vnops.c http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/miscfs/kernfs/kernfs_vnops.c.diff?r1=1.110&r2=1.111&f=h http://mail-index.netbsd.org/netbsd-announce/2005/10/31/0000.html http://releng.netbsd.org/cgi-bin/req-3.cgi?show=727 http://securitytracker.com/id?1015132 http://www.osvdb.org/20729 http://www.packetstormsecurity.org/0601-advisories/NetBSD-SA2006-001.txt •