Netbsd

Products by Netbsd Sorted by Most Security Vulnerabilities since 2018

Netbsd: 28 vulnerabilities
Netbsd Ftpd: 1 vulnerability
Netbsd Current: 1 vulnerability
Netbsd Tnftpd: 1 vulnerability
Netbsd Umapfs: 1 vulnerability

By the Year

In 2026 there have been 0 vulnerabilities in Netbsd. Netbsd did not have any published security vulnerabilities last year.




Year Vulnerabilities Average Score
2026 0 0.00
2025 0 0.00
2024 1 8.10
2023 1 7.50
2022 0 0.00
2021 5 7.06

It may take a day or so for new Netbsd vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally, vulnerabilities may be tagged under a different product or component name.

Recent Netbsd Security Vulnerabilities

CVE Date Vulnerability Products
CVE-2024-6387 Jul 01, 2024
OpenSSH Race Condition leading to RCE, known as regreSSHion. A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.
Netbsd
CVE-2023-45198 Oct 05, 2023
NetBSD ftpd/tnftpd Information Leak via MLSD/MLST Before Auth. ftpd before "NetBSD-ftpd 20230930" can leak information about the host filesystem before authentication via an MLSD or MLST command. tnftpd (the portable version of NetBSD ftpd) before 20231001 is also vulnerable.
Tnftpd
Ftpd
CVE-2021-45489 Dec 25, 2021
In NetBSD through 9.2, the IPv6 Flow Label generation algorithm employs a weak cryptographic PRNG.
Netbsd
CVE-2021-45488 Dec 25, 2021
In NetBSD through 9.2, there is an information leak in the TCP ISN (ISS) generation algorithm.
Netbsd
CVE-2021-45487 Dec 25, 2021
In NetBSD through 9.2, the IPv4 ID generation algorithm does not use appropriate cryptographic measures.
Netbsd
CVE-2021-45484 Dec 25, 2021
In NetBSD through 9.2, the IPv6 fragment ID generation algorithm employs a weak cryptographic PRNG.
Netbsd
CVE-2020-26139 May 11, 2021
An issue was discovered in the kernel in NetBSD 7.1. An Access Point (AP) forwards EAPOL frames to other clients even though the sender has not yet successfully authenticated to the AP. This might be abused in protected Wi-Fi networks to launch denial-of-service attacks against connected clients and makes it easier to exploit other vulnerabilities in connected clients.
Netbsd
CVE-2014-3566 Oct 15, 2014
The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue.
Netbsd
CVE-2011-0419 May 16, 2011
Stack consumption vulnerability in the fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library before 1.4.3 and the Apache HTTP Server before 2.2.18, and in fnmatch.c in libc in NetBSD 5.1, OpenBSD 4.8, FreeBSD, Apple Mac OS X 10.6, Oracle Solaris 10, and Android, allows context-dependent attackers to cause a denial of service (CPU and memory consumption) via *? sequences in the first argument, as demonstrated by attacks against mod_autoindex in httpd.
Netbsd
CVE-2008-4609 Oct 20, 2008
The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate information in the TCP state table, as demonstrated by sockstress.
Netbsd
Netbsd Current
CVE-2006-6397 Dec 08, 2006
Integer overflow in banner/banner.c in FreeBSD, NetBSD, and OpenBSD might allow local users to modify memory via a long banner. NOTE: CVE and multiple third parties dispute this issue. Since banner is not setuid, an exploit would not cross privilege boundaries in normal operations. This issue is not a vulnerability.
Netbsd
CVE-2006-6165 Nov 29, 2006
ld.so in FreeBSD, NetBSD, and possibly other BSD distributions does not remove certain harmful environment variables, which allows local users to gain privileges by passing certain environment variables to loading processes. NOTE: this issue has been disputed by a third party, stating that it is the responsibility of the application to properly sanitize the environment.
Netbsd
CVE-2004-0230 Aug 18, 2004
TCP, when using a large Window Size, makes it easier for remote attackers to guess sequence numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet, especially in protocols that use long-lived connections, such as BGP.
Netbsd
CVE-2003-0466 Aug 27, 2003
Off-by-one error in the fb_realpath() function, as derived from the realpath function in BSD, may allow attackers to execute arbitrary code, as demonstrated in wu-ftpd 2.5.0 through 2.6.2 via commands that cause pathnames of length MAXPATHLEN+1 to trigger a buffer overflow, including (1) STOR, (2) RETR, (3) APPE, (4) DELE, (5) MKD, (6) RMD, (7) STOU, or (8) RNTO.
Netbsd
CVE-2002-1337 Mar 07, 2003
Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote attackers to execute arbitrary code via certain formatted address fields, related to sender and recipient header comments as processed by the crackaddr function of headers.c.
Netbsd
CVE-2002-1915 Dec 31, 2002
tip on multiple BSD-based operating systems allows local users to cause a denial of service (execution prevention) by using flock() to lock the /var/log/acculog file.
Netbsd
CVE-2001-0554 Aug 14, 2001
Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function.
Netbsd
CVE-1999-0433 Mar 21, 1999
XFree86 startx command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service.
Netbsd
CVE-1999-0420 Mar 17, 1999
umapfs allows local users to gain root privileges by changing their uid through a malicious mount_umap program.
Umapfs
CVE-1999-0422 Mar 17, 1999
In some cases, NetBSD 1.3.3 mount allows local users to execute programs in some file systems that have the "noexec" flag set.
Netbsd
CVE-1999-0396 Feb 17, 1999
A race condition between the select() and accept() calls in NetBSD TCP servers allows remote attackers to cause a denial of service.
Netbsd
CVE-1999-0303 May 21, 1998
Buffer overflow in BNU UUCP daemon (uucpd) through long hostnames.
Netbsd
CVE-1999-0304 Feb 01, 1998
mmap function in BSD allows local attackers in the kmem group to modify memory through devices.
Netbsd
CVE-1999-0513 Jan 05, 1998
ICMP messages to broadcast addresses are allowed, allowing for a Smurf attack that can cause a denial of service.
Netbsd
CVE-1999-0017 Dec 10, 1997
FTP servers can allow an attacker to connect to arbitrary ports on machines other than the FTP client, aka FTP bounce.
Netbsd
CVE-1999-0016 Dec 01, 1997
Land IP denial of service.
Netbsd
CVE-1999-0628 Jul 01, 1997
The rwho/rwhod service is running, which exposes machine status and user information.
Netbsd
CVE-1999-0074 Jul 01, 1997
Listening TCP ports are sequentially allocated, allowing spoofing attacks.
Netbsd
CVE-1999-0046 Feb 06, 1997
Buffer overflow of rlogin program using TERM environmental variable.
Netbsd
CVE-1999-0297 Dec 12, 1996
Buffer overflow in Vixie Cron library up to version 3.0 allows local users to obtain root access via a long environmental variable.
Netbsd
Built by Foundeo Inc., with data from the National Vulnerability Database (NVD).