NetBSD NetBSD

By the Year

In 2022 there have been 0 vulnerabilities in NetBSD. Last year NetBSD had 5 security vulnerabilities published. Right now, NetBSD is on track to have fewer security vulnerabilities in 2022 than it did last year.

Year  Vulnerabilities  Average Score
2022  0                0.00
2021  5                7.06
2020  0                0.00
2019  0                0.00
2018  0                0.00

It may take a day or so for new NetBSD vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally, vulnerabilities may be tagged under a different product or component name.

Recent NetBSD Security Vulnerabilities

In NetBSD through 9.2

CVE-2021-45489 7.5 - High - December 25, 2021

In NetBSD through 9.2, the IPv6 Flow Label generation algorithm employs a weak cryptographic PRNG.

PRNG

In NetBSD through 9.2

CVE-2021-45488 7.5 - High - December 25, 2021

In NetBSD through 9.2, there is an information leak in the TCP ISN (ISS) generation algorithm.

Use of a Broken or Risky Cryptographic Algorithm

In NetBSD through 9.2

CVE-2021-45487 7.5 - High - December 25, 2021

In NetBSD through 9.2, the IPv4 ID generation algorithm does not use appropriate cryptographic measures.

Use of a Broken or Risky Cryptographic Algorithm

In NetBSD through 9.2

CVE-2021-45484 7.5 - High - December 25, 2021

In NetBSD through 9.2, the IPv6 fragment ID generation algorithm employs a weak cryptographic PRNG.

Inadequate Encryption Strength

An issue was discovered in the kernel in NetBSD 7.1

CVE-2020-26139 5.3 - Medium - May 11, 2021

An issue was discovered in the kernel in NetBSD 7.1. An Access Point (AP) forwards EAPOL frames to other clients even though the sender has not yet successfully authenticated to the AP. This might be abused in protected Wi-Fi networks to launch denial-of-service attacks against connected clients and makes it easier to exploit other vulnerabilities in connected clients.

Authentication

The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data

CVE-2014-3566 3.4 - Low - October 15, 2014

The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue.

Cryptographic Issues

Stack consumption vulnerability in the fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library before 1.4.3 and the Apache HTTP Server before 2.2.18, and in fnmatch.c in libc in NetBSD 5.1, OpenBSD 4.8, FreeBSD, Apple Mac OS X 10.6, Oracle Solaris 10, and Android

CVE-2011-0419 - May 16, 2011

Stack consumption vulnerability in the fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library before 1.4.3 and the Apache HTTP Server before 2.2.18, and in fnmatch.c in libc in NetBSD 5.1, OpenBSD 4.8, FreeBSD, Apple Mac OS X 10.6, Oracle Solaris 10, and Android, allows context-dependent attackers to cause a denial of service (CPU and memory consumption) via *? sequences in the first argument, as demonstrated by attacks against mod_autoindex in httpd.

Allocation of Resources Without Limits or Throttling

The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors

CVE-2008-4609 - October 20, 2008

The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate information in the TCP state table, as demonstrated by sockstress.

Configuration

Buffer overflow in BSD-based telnetd telnet daemon on various operating systems

CVE-2001-0554 - August 14, 2001

Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function.

Classic Buffer Overflow

XFree86 startx command is vulnerable to a symlink attack

CVE-1999-0433 - March 21, 1999

XFree86 startx command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service.

In some cases, NetBSD 1.3.3 mount allows local users to execute programs in some file systems

CVE-1999-0422 - March 17, 1999

In some cases, NetBSD 1.3.3 mount allows local users to execute programs in some file systems that have the "noexec" flag set.

A race condition between the select() and accept() calls in NetBSD TCP servers

CVE-1999-0396 - February 17, 1999

A race condition between the select() and accept() calls in NetBSD TCP servers allows remote attackers to cause a denial of service.

Buffer overflow in BNU UUCP daemon (uucpd) through long hostnames.

CVE-1999-0303 - May 21, 1998

Buffer overflow in BNU UUCP daemon (uucpd) through long hostnames.

mmap function in BSD

CVE-1999-0304 - February 01, 1998

mmap function in BSD allows local attackers in the kmem group to modify memory through devices.

ICMP messages to broadcast addresses are allowed, allowing for a Smurf attack

CVE-1999-0513 - January 05, 1998

ICMP messages to broadcast addresses are allowed, allowing for a Smurf attack that can cause a denial of service.

FTP servers can allow an attacker to connect to arbitrary ports on machines other than the FTP client

CVE-1999-0017 - December 10, 1997

FTP servers can allow an attacker to connect to arbitrary ports on machines other than the FTP client, aka FTP bounce.

Listening TCP ports are sequentially allocated

CVE-1999-0074 - July 01, 1997

Listening TCP ports are sequentially allocated, allowing spoofing attacks.

The rwho/rwhod service is running

CVE-1999-0628 - July 01, 1997

The rwho/rwhod service is running, which exposes machine status and user information.

Buffer overflow of rlogin program using TERM environmental variable.

CVE-1999-0046 - February 06, 1997

Buffer overflow of rlogin program using TERM environmental variable.

Buffer overflow in Vixie Cron library up to version 3.0

CVE-1999-0297 - December 12, 1996

Buffer overflow in Vixie Cron library up to version 3.0 allows local users to obtain root access via a long environmental variable.
