Netbsd: Security Vulnerabilities
Teardrop IP denial of service.
CVSS Score
5.0
EPSS Score
0.259
Published
1997-12-16
FTP servers can allow an attacker to connect to arbitrary ports on machines other than the FTP client, aka FTP bounce.
CVSS Score
7.5
EPSS Score
0.011
Published
1997-12-10
Land IP denial of service.
CVSS Score
5.0
EPSS Score
0.726
Published
1997-12-01
The asynchronous I/O facility in 4.4 BSD kernel does not check user credentials when setting the recipient of I/O notification, which allows local users to cause a denial of service by using certain ioctl and fcntl calls to cause the signal to be sent to an arbitrary process ID.
CVSS Score
2.1
EPSS Score
0.001
Published
1997-09-15
rpc.mountd on Linux, Ultrix, and possibly other operating systems, allows remote attackers to determine the existence of a file on the server by attempting to mount that file, which generates different error messages depending on whether the file exists or not.
CVSS Score
5.0
EPSS Score
0.005
Published
1997-08-24
Listening TCP ports are sequentially allocated, allowing spoofing attacks.
CVSS Score
6.4
EPSS Score
0.059
Published
1997-07-01
The rwho/rwhod service is running, which exposes machine status and user information.
CVSS Score
5.0
EPSS Score
0.006
Published
1997-07-01
Buffer overflow of rlogin program using TERM environmental variable.
CVSS Score
10.0
EPSS Score
0.035
Published
1997-02-06
Buffer overflow in Vixie Cron library up to version 3.0 allows local users to obtain root access via a long environmental variable.
CVSS Score
7.2
EPSS Score
0.001
Published
1996-12-12
Buffer overflow in rwhod on AIX and other operating systems allows remote attackers to execute arbitrary code via a UDP packet with a long hostname.
CVSS Score
7.5
EPSS Score
0.047
Published
1996-08-21