Shodan
Vulnerabilities
Vulnerable Software
Netbsd:  >> Netbsd  >> 3.0  Security Vulnerabilities
CVE-2006-2205
The audio_write function in NetBSD 3.0 allows local users to cause a denial of service (kernel crash) by using the audiosetinfo ioctl to change the sample rate of an audio device.
CVSS Score
2.1
EPSS Score
0.001
Published
2006-05-05
CVE-2006-1833
Intel RNG Driver in NetBSD 1.6 through 3.0 may incorrectly detect the presence of the pchb interface, which will cause it to always generate the same random number, which allows remote attackers to more easily crack encryption keys generated from the interface.
CVSS Score
2.6
EPSS Score
0.003
Published
2006-04-19
CVE-2006-1797
The kernel in NetBSD-current before September 28, 2005 allows local users to cause a denial of service (system crash) by using the SIOCGIFALIAS ioctl to gather information on a non-existent alias of a network interface, which causes a NULL pointer dereference.
CVSS Score
4.9
EPSS Score
0.001
Published
2006-04-18
CVE-2006-1814
NetBSD 1.6, 2.0, 2.1 and 3.0 allows local users to cause a denial of service (memory exhaustion) by using the sysctl system call to lock a large buffer into physical memory.
CVSS Score
2.1
EPSS Score
0.001
Published
2006-04-18
CVE-2006-1587
NetBSD 1.6 up to 3.0, when a user has "set record" in .mailrc with the default umask set, creates the record file with 0644 permissions, which allows local users to read the record file.
CVSS Score
2.1
EPSS Score
0.001
Published
2006-04-03
CVE-2006-1588
The bridge ioctl (if_bridge code) in NetBSD 1.6 through 3.0 does not clear sensitive memory before copying ioctl results to the requesting process, which allows local users to obtain portions of kernel memory.
CVSS Score
2.1
EPSS Score
0.001
Published
2006-04-03
CVE-2006-1589
The elf_load_file function in NetBSD 2.0 through 3.0 allows local users to cause a denial of service (kernel crash) via an ELF interpreter that does not have a PT_LOAD section in its header, which triggers a null dereference.
CVSS Score
4.9
EPSS Score
0.0
Published
2006-04-03
CVE-2006-0905
A "programming error" in fast_ipsec in FreeBSD 4.8-RELEASE through 6.1-STABLE and NetBSD 2 through 3 does not properly update the sequence number associated with a Security Association, which allows packets to pass sequence number checks and allows remote attackers to capture IPSec packets and conduct replay attacks.
CVSS Score
7.5
EPSS Score
0.012
Published
2006-03-23


Products
Pricing
Contact Us

Shodan ® - All rights reserved