NetBSD Security Advisories
- NetBSD-SA2006-002 settimeofday() time wrap
- NetBSD-SA2006-001 Kernfs kernel memory disclosure
- NetBSD-SA2005-013 ptrace() permissions after S[UG]ID and exec()
- NetBSD-SA2005-012 SO_LINGER argument checking DIAGNOSTIC panic
- NetBSD-SA2005-011 ntpd may start with different group id than desired
- NetBSD-SA2005-010 OpenSSL "man in the middle" can force weak protocol
- NetBSD-SA2005-009 Insecure /tmp file usage when building using imake
- NetBSD-SA2005-008 Heap memory corruption in FreeBSD compat code
- NetBSD-SA2005-007 AES-XCBC-MAC (IPsec AH) calculated using fixed key
- NetBSD-SA2005-006 Multiple vulnerabilities in CVS
- NetBSD-SA2005-005 cgd(4) key destruction on unconfigure
- NetBSD-SA2005-004 Buffer overflows in MIT Kerberos 5
- NetBSD-SA2005-003 F_CLOSEM local denial of service
- NetBSD-SA2005-002 Local DoS via audio device with specific drivers
- NetBSD-SA2005-001 Crypto leaks across HyperThreaded CPUs (i386, P4, HTT+SMP only)
- NetBSD-SA2004-010 Insufficient argument validation in compat code
- NetBSD-SA2004-009 ftpd root escalation
- NetBSD-SA2004-008 CVS server vulnerability
- NetBSD-SA2004-007 Systrace systrace_exit() local root
- NetBSD-SA2004-006 TCP protocol and implementation vulnerability
- NetBSD-SA2004-005 Denial of service vulnerabilities in OpenSSL
- NetBSD-SA2004-004 shmat reference counting bug
- NetBSD-SA2004-003 OpenSSL 0.9.6 ASN.1 parser vulnerability
- NetBSD-SA2004-002 Inconsistent IPv6 path MTU discovery handling
- NetBSD-SA2004-001 Insufficient packet validation in racoon IKE daemon
- NetBSD-SA2003-018 DNS negative cache poisoning
- NetBSD-SA2003-017 OpenSSL multiple vulnerability
- NetBSD-SA2003-016 Sendmail - another prescan() bug CAN-2003-0694
- NetBSD-SA2003-015 Remote and local vulnerabilities in XFree86 font libraries
- NetBSD-SA2003-014 Insufficient argument checking in sysctl(2)
- NetBSD-SA2003-013 Kernel memory disclosure via ibcs2
- NetBSD-SA2003-012 Out of bounds memset(0) in sshd
- NetBSD-SA2003-011 off-by-one error in realpath(3)
- NetBSD-SA2003-010 remote panic in OSI networking code
- NetBSD-SA2003-009 sendmail buffer overrun in prescan() address parser
- NetBSD-SA2003-008 faulty length checks in xdrmem_getbytes
- NetBSD-SA2003-007 (Another) Encryption weakness in OpenSSL code
- NetBSD-SA2003-006 Cryptographic weaknesses in Kerberos v4 protocol
- NetBSD-SA2003-005 RSA timing attack in OpenSSL code
- NetBSD-SA2003-004 Format string vulnerability in zlib gzprintf()
- NetBSD-SA2003-003 Buffer Overflow in file(1)
- NetBSD-SA2003-002 Malformed header Sendmail Vulnerability
- NetBSD-SA2003-001 Encryption weakness in OpenSSL code
- NetBSD-SA2002-029 named(8) multiple denial of service and remote execution of code
- NetBSD-SA2002-028 Buffer overrun in getnetbyname/getnetbyaddr
- NetBSD-SA2002-027 ftpd STAT output non-conformance can deceive firewall devices
- NetBSD-SA2002-026 buffer overrun in kadmind
- NetBSD-SA2002-025 trek(6) buffer overrun
- NetBSD-SA2002-024 IPFilter FTP proxy
- NetBSD-SA2002-023 sendmail smrsh vulnerability
- NetBSD-SA2002-022 buffer overrun in pic(1)
- NetBSD-SA2002-021 rogue vulnerability
- NetBSD-SA2002-020 is a pending advisory awaiting pullups.
- NetBSD-SA2002-019 Buffer overrun in talkd
- NetBSD-SA2002-018 Multiple security isses with kfd daemon
- NetBSD-SA2002-017 shutdown(s, SHUT_RD) on TCP socket does not work as intended
- NetBSD-SA2002-016 Insufficient length check in ESP authentication data
- NetBSD-SA2002-015 (another) buffer overrun in libc/libresolv DNS resolver
- NetBSD-SA2002-014 fd_set overrun in mbone tools and pppd
- NetBSD-SA2002-013 Bug in NFS server code allows remote denial of service
- NetBSD-SA2002-012 buffer overrun in setlocale
- NetBSD-SA2002-011 Sun RPC XDR decoder contains buffer overflow
- NetBSD-SA2002-010 symlink race in pppd
- NetBSD-SA2002-009 Multiple vulnerabilities in OpenSSL code
- NetBSD-SA2002-008 is a pending, non-exploit advisory.
- NetBSD-SA2002-007 Repeated TIOCSCTTY ioctl can corrupt session hold counts
- NetBSD-SA2002-006 buffer overrun in libc DNS resolver
- NetBSD-SA2002-005 OpenSSH protocol version 2 challenge-response authentication
- NetBSD-SA2002-004 Off-by-one error in openssh session
- NetBSD-SA2002-003 IPv4 forwarding doesn't consult inbound SPD
- NetBSD-SA2002-002 gzip buffer overrun with long filename
- NetBSD-SA2002-001 Close-on-exec, SUID and ptrace(2)
- NetBSD-SA2001-018 Remote Buffer Overflow Vulnerability in BSD Line Printer Daemon
- NetBSD-SA2001-017 sendmail(8) incorrect command line argument check.
- NetBSD-SA2001-016 unsafe chdir usage in fts(3).
- NetBSD-SA2001-015 Insufficient checking of lengths passed from userland to kernel.
- NetBSD-SA2001-014 dump(8) exposes 'tty' group.
- NetBSD-SA2001-013 OpenSSL PRNG weakness.
- NetBSD-SA2001-012 telnetd(8) options overflow.
- NetBSD-SA2001-011 Insufficient msg_controllen checking for sendmsg(2).
- NetBSD-SA2001-010 sshd(8) "cookies" file mishandling on X11 forwarding.
- NetBSD-SA2001-009 Race condition between sugid-exec and ptrace(2).
- NetBSD-SA2001-008 Processes can gain "Supervisor" privileges on sh3.
- NetBSD-SA2001-007 IP Filter may incorrectly pass packets.
- NetBSD-SA2001-006 Denial of service using bogus fragmented IPv4 packets.
- NetBSD-SA2001-005 Remote buffer overflow in ftpd.
- NetBSD-SA2001-004 Buffer overflow in NTP daemon.
- NetBSD-SA2001-003 Secure Shell (SSH) vulnerability and rnd(4) configuration.
- NetBSD-SA2001-002 USER_LDT vulnerability on i386 systems only.
- NetBSD-SA2001-001 Security vulnerabilies in BIND.
- NetBSD-SA2000-018 Security vulnerability in ftpd.
- NetBSD-SA2000-017 Security vulnerability in telnetd/libkrb.
- NetBSD-SA2000-015 Security vulnerability in libutil.
- NetBSD-SA2000-014 Security vulnerability in CGI interface of global packages.
- NetBSD-SA2000-013 Security vulnerability in cfengine packages.
- NetBSD-SA2000-012 Security vulnerability in NIS hostname lookup.
- NetBSD-SA2000-011 Security vulnerability in netscape packages.
- NetBSD-SA2000-010 Security vulnerability in wu-ftpd package.
- NetBSD-SA2000-009 Security vulnerability in ftpd .
- NetBSD-SA2000-008 Remote dhclient vulnerability.
- NetBSD-SA2000-007 Bad key generation in libdes in NetBSD-current.
- NetBSD-SA2000-006 ftpd error parsing /etc/ftpchroot.
- NetBSD-SA2000-005 local cpu-hog denial of service.
- NetBSD-SA2000-004 semcontrol(2) vulnerability.
- NetBSD-SA2000-003 xlockmore package vulnerability.
- NetBSD-SA2000-002 IP Options vulnerability.
- NetBSD-SA2000-001 procfs vulnerability.
- NetBSD-SA1999-012 VAX ptrace(2) vulnerability.
- NetBSD-SA1999-011 profil(2) problems.
- NetBSD-SA1999-010 ARP problems.
- NetBSD-SA1999-009 i386 SVR4 compatibility problems.
- NetBSD-SA1999-008 vfs locking problems.
- NetBSD-SA1999-007 mount(2) problems.
- NetBSD-SA1999-006 umapfs problems.
- NetBSD-SA1999-005 lsof(1) package problems.
- NetBSD-SA1999-004 traceroute(1) problems.
- NetBSD-SA1999-003 wu-ftpd(8) package problems.
- NetBSD-SA1999-002 netstat(1) problems.
- NetBSD-SA1999-001 select(2)/accept(2) race condition in TCP servers.
- NetBSD-SA1998-005 mmap(2) device driver vulnerabilties.
- NetBSD-SA1998-004 at(1) vulnerabilties.
- NetBSD-SA1998-003 mmap(2) and append-only files vulnerabilities.
- NetBSD-SA1998-002 xterm and Xaw vulnerablilities.
- NetBSD-SA1998-001 BIND 4.9.6 vulnerabilities.
![[NetBSD flag]](/images/NetBSD-flag.png)
Copyright © 1994-2006 The NetBSD Foundation, Inc. ALL RIGHTS RESERVED.
NetBSD® is a registered trademark of The NetBSD Foundation, Inc.