NetBSD Security Advisory 2002-004 - An off by one overflow has been discovered in the channel code of OpenSSH versions 2.0 - 3.0.2 can be used to execute code on systems running vulnerable OpenSSH clients and servers. NetBSD fixed this vulnerability in versions 1.5 - 1.5.2 and announced that the fix will be included in NetBSD 1.5.3.
35d64679ad8b60205c3868196bf86fd85e46f45ac237b9994146c212404c430fNetBSD Security Advisory 2002-002 - A buffer overflow found in Gzip can under certain conditions be used to execute shellcode with elevated privileges, for example through certain FTP servers. NetBSD fixed this vulnerability for CURRENT, 1.5 - 1.5.2 and 1.4 - 1.4.3.
0711d864488b65c071d0b4fba53663aada9d306b2d2e0f03d43b2c5e7db33503NetBSD Security Advisory 2001-018 - A remote buffer overflow in BSD derived Line Printer Daemons can lead to a remote root compromise. This vulnerability affects NetBSD current, 1.5, 1.5.1 and 1.5.2.
b589390a59a8227dbdee0c06ef0e0f5ace6b72b971cd71a9fbf5cd832adc1ed3NetBSD Security Advisory 2001-017 - Sendmail's incorrect command line argument check can lead to a local root privilege compromise. This vulnerability affects all sendmail versions between 8.10.0 to 8.11.5.
c1d946cc82df64dd75efc0311699d13db94d85dfddc1469a505f55afa5c3f41aNetBSD Security Advisory 2001-016 - The fts functions are provided for traversing UNIX file hierarchies. The NetBSD fts implementation can be tricked to follow symbolic links and can therefore be abused by local users. All NetBSD releases prior to July 9, 2001 are affected by this vulnerability.
f57f124958aad1172bfa011eb3991d0cb4f8265a45e2b79e6e2404b5bb702613NetBSD Security Advisory 2001-015 - Several buffer overflows found in the NetBSD kernel can enable local users to crash the system or gain superuser privileges. This vulnerability affects NetBSD-current, 1.4.*, 1.5, and 1.5.1.
4100e22d5d95db64c64e1eea57538c4244bb28b9aa2f17e30a3b540f5f1c60a0NetBSD Security Advisory 2001-014 - Dump (/sbin/dump), which is setgid tty, does not drop its privileges correctly and can be used to execute commands with setgid tty privileges by using the RCMD_CMD environment variable. This vulnerability affects the NetBSD-1.4, 1.5, 1.5.1 and current branch.
529f55f5564a602c83f290e0f3090627ee3a03395e7520f50edb110c86697cf7NetBSD Security Advisory 2001-013 - The OpenSSL libcrypto includes a PRNG (pseudo random number generator) implementation. The logic used for PRNG was not strong enough, and allows attackers to guess the internal state of the PRNG. Therefore, attackers can predict future PRNG output. This vulnerability undermines the security level of cryptographic programs such as ssh and pgp.
264acefa92a1c14959125bb710b0220fa91d956f0c123a93d60a53ec07ffb5b8NetBSD Security Advisory 2001-012 - A remotely exploitable buffer overflow found in BSD derived telnet daemons can be used to execute shell code with root privileges.
abd588019233fcad4fe67559cd67fe90fa0e9b1db3af226b1c231844e91ea10bNetBSD Security Advisory 2002-001 - A vulnerability found in the ptrace implementation on NetBSD 1.5.* , 1.4.* and CURRENT (prior to January 14, 2002) systems can result in race conditions where it is possible to use ptrace and SUID binaries to execute code with elevated privileges.
e2ceb90aa470a1126631cd2c2ce223394cc423f2b65930b3f1227dd7029eb3b2NetBSD Security Advisory 2000-017 - A one-byte remote buffer overrun has been found in the ftp daemon which is believed to allow remote attackers to gain root access. A bad bounds check was found in the replydirname() function.
e0ab5c31958bafa483ecd3f408d2edbd579e570fd1a7c4b75e395e24680f2190NetBSD Security Advisory 2000-017 - Kerberised telnetd and libkrb contain exploitable local root bugs. There were two problems - first, telnetd allowed the user to provide arbitrary environment variables, including several that cause programs to behave differently. There was also a possible buffer overflow in the Kerberos v4 library.
e2ca278f746dd9a252a1141d30648c61f4059f12835a666a65c72466f7ff53b7NetBSD Security Advisory 2000-015 - The pw_error() function of the system libutil library, used by several programs including the setuid passwd program, was vulnerable to a format string attack resulting in local root compromise.
0bd58837c2ea7980937b6ae199b243b9a170c7e4f70bff757e2e5df990146a4bNetBSD Security Advisory 2000-014 - Global-3.55 and below allows remote users to execute arbitrary commands.
e00899c0e255208ded76f38b9812dad970932a7c963afdc4d518d7ba7d807b8fNetBSD Security Advisory 2000-013 - The cfd daemon in GNU CFEngine port contains several format string vulnerabilities in syslog() calls. This could permit remote hosts to inject the network daemon with a message causing a segmentation fault. As cfd is almost always run as root due to its nature (centralized configuration management), this could lead to a root compromise.
a392e1028967dfd74f1427f253727f5d9d7dae1b650ec93ed68da41cb984d632NetBSD Security Advisory 2000-012 - NIS client nodes may be vulnerable to a remote buffer overflow attack. If the node is configured to use NIS for hostname lookups, and a rogue NIS server is in a position to respond to a hostname lookup request, a malformed response could cause a denial of service due to abnormal program termination. In the worst case, an account could be hijacked.
9690fedf1029bc414ba63b720b85705df2c468f2335478a505a2da0e0ca9449dNetBSD Security Advisory 2000-011 - Netscape's processing of JPEG comments trusted the length parameter for comment fields; by manipulating this value, it is possible to cause netscape to read in an excessive amount of data, overwriting memory. Specially designed data could allow a remote site to execute arbitrary code as the user of netscape. This vulnerability has been fixed in Netscape 4.74.
ee621f140533c524890bdf720a8551ec93c8c64af2312f54c7cd2a1fa6820ed5NetBSD Security Advisory 2000-010 - wu-ftpd versions prior to 2.6.1 contain known security holes which allow unauthorized remote users to gain root access.
cd93cf79b743ebe4c8fadd4db3ac3ba2d12280f7e28999ab3115b93f37840dd2NetBSD Security Advisory 2000-009 - An improper use of the setproctitle() library function by ftpd may allow a malicious remote ftp client to subvert an FTP server, including possibly getting remote root access to a system.
e738d5814b569a7ca3be40277de7b98cd3a21bb900e8613c115bf34d5e3d85c4NetBSD Security Advisory 2000-008 - The DHCP client program, dhclient(8), did not correctly handle DHCP options it receives in DHCP response messages, possibly permitting a rogue dhcp server to send maliciously formed options which resulted in a remote root compromise.
689eb3394762910611c11587282a13367c62d78411f6906114508c189e19670eNetBSD Security Advisory 2000-007 - If /dev/urandom is not present and functioning correctly, des_init_random_number_generator seeds the random number generator with constant data, causing the generation of keys which are easy to determine. The following programs which are included in the NetBSD distribution are impacted by this bug: telnet, telnetd, kadmin, kdb_edit, kdb_init, kerberos, and ksrvutil.
e1d055b2555d5fce58da4d1716b13072674fd2c5d66c268d460de2e000491fb8NetBSD Security Advisory 2000-006 - Untrusted local processes can hog cpu and kernel memory by tricking the kernel into running exclusively on their behalf, denying other processes the CPU.
cac750a58cf9b85d2630794215188083198ea320a7a11c55b56b766d530a2deaNetBSD Security Advisory 2000-005 - Untrusted local processes can hog cpu and kernel memory by tricking the kernel into running exclusively on their behalf, denying other processes the CPU.
f386ac97b48ce8e1bd94b4c276d31ed35256067003b8a2673f30c9f9fe95f974NetBSD Security Advisory 2000-004 - An undocumented system call permits any user process to lock up the entire semaphore subsystem, preventing processes using semaphores from locking or unlocking them, and preventing processes holding semaphores from exiting.
c73d42a54f6b2912c562ac008d2fceb0d23730edbc94c5372e844549d8e71073NetBSD Security Advisory 2000-003 - Exploitable vulnerability in xlockmore. Xlock can be manipulated to print /etc/shadow.
287e6d1314b1ad1faffd919e3f691fe493e2b86f5526625e8e868eaa9d21974e
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed