Shodan
Vulnerabilities
Vulnerable Software
Netbsd:  >> Netbsd  >> 1.6  Security Vulnerabilities
CVE-2002-1543
Buffer overflow in trek on NetBSD 1.5 through 1.5.3 allows local users to gain privileges via long keyboard input.
CVSS Score
4.6
EPSS Score
0.001
Published
2003-03-31
CVE-2003-0102
Buffer overflow in tryelf() in readelf.c of the file command allows attackers to execute arbitrary code as the user running file, possibly via a large entity size value in an ELF header (elfhdr.e_shentsize).
CVSS Score
4.6
EPSS Score
0.083
Published
2003-03-18
CVE-2002-1337
Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote attackers to execute arbitrary code via certain formatted address fields, related to sender and recipient header comments as processed by the crackaddr function of headers.c.
CVSS Score
10.0
EPSS Score
0.623
Published
2003-03-07
CVE-2003-0001
Multiple ethernet Network Interface Card (NIC) device drivers do not pad frames with null bytes, which allows remote attackers to obtain information from previous packets or kernel memory by using malformed packets, as demonstrated by Etherleak.
CVSS Score
5.0
EPSS Score
0.016
Published
2003-01-17
CVE-2002-0666
IPSEC implementations including (1) FreeS/WAN and (2) KAME do not properly calculate the length of authentication data, which allows remote attackers to cause a denial of service (kernel panic) via spoofed, short Encapsulating Security Payload (ESP) packets, which result in integer signedness errors.
CVSS Score
5.0
EPSS Score
0.01
Published
2002-11-04
CVE-2002-1192
Multiple buffer overflows in rogue on NetBSD 1.6 and earlier, FreeBSD 4.6, and possibly other operating systems, allows local users to gain "games" group privileges via malformed entries in a game save file.
CVSS Score
4.6
EPSS Score
0.003
Published
2002-10-28
CVE-2002-1194
Buffer overflow in talkd on NetBSD 1.6 and earlier, and possibly other operating systems, may allow remote attackers to execute arbitrary code via a long inbound message.
CVSS Score
7.5
EPSS Score
0.032
Published
2002-10-28
CVE-2002-1165
Sendmail Consortium's Restricted Shell (SMRSH) in Sendmail 8.12.6, 8.11.6-15, and possibly other versions after 8.11 from 5/19/1998, allows attackers to bypass the intended restrictions of smrsh by inserting additional commands after (1) "||" sequences or (2) "/" characters, which are not properly filtered or verified.
CVSS Score
4.6
EPSS Score
0.025
Published
2002-10-11


Products
Pricing
Contact Us

Shodan ® - All rights reserved