NetBSD Security Advisories by Date
- NetBSD-SA2021-002 Incorrect permissions in kernfs
- NetBSD-SA2021-001 Predictable ID disclosures in IPv4 and IPv6
- NetBSD-SA2020-003 USB network interface jumbo packet memory corruption
- NetBSD-SA2020-002 Specific ICMPv6 error message packet can crash the system
- NetBSD-SA2020-001 Missing permissions checks for network ioctls
- NetBSD-SA2019-006 Denial of service and possible privilege escallation in filemon
- NetBSD-SA2019-005 Sysctl RNG Key Erasure
- NetBSD-SA2019-004 IPv6 neighbor cache leak on expiration
- NetBSD-SA2019-003 Unprivileged user kernel stack disclosure in SIOCGIFCONF
- NetBSD-SA2019-002 Unprivileged kernel memory overwrite in mq_send(3)
- NetBSD-SA2019-001 Several kernel memory disclosure bugs
- NetBSD-SA2018-009 bozohttpd(8) can allow access to .htpasswd
- NetBSD-SA2018-008 Several vulnerabilities in NPF
- NetBSD-SA2018-007 Several vulnerabilities in IPSEC
- NetBSD-SA2018-006 Several vulnerabilities in the network stack
- NetBSD-SA2018-005 Privilege separation bug in Xen-amd64
- NetBSD-SA2018-004 Remote Memory Corruption in IPv6
- NetBSD-SA2018-003 Remote DoS in IPsec (IPv6)
- NetBSD-SA2018-002 Local DoS in virecover
- NetBSD-SA2018-001 Vulnerabilities in context handling
- NetBSD-SA2017-006 Vnode reference leak in the openat system call
- NetBSD-SA2017-005 X86: Vulnerabilities in context handling
- NetBSD-SA2017-004 Buffer overflow via cmap for 4 graphics drivers
- NetBSD-SA2017-003 Weak privilege separation in XEN
- NetBSD-SA2017-002 Several vulnerabilities in ARP
- NetBSD-SA2017-001 Memory leak in connect(2)
- NetBSD-SA2016-006 Race condition in mail.local(8)
- NetBSD-SA2016-005 Potential remote code execution in the bozohttpd CGI handlers
- NetBSD-SA2016-004 Multiple vulnerabilities in the compatibility layers
- NetBSD-SA2016-003 Privilege escalation in calendar(1)
- NetBSD-SA2016-002 BDF file parsing issues in libXfont
- NetBSD-SA2016-001 Multiple vulnerabilities in ntp daemon
- NetBSD-SA2015-009 TCP LAST_ACK state memory exhaustion
- NetBSD-SA2015-008 OpenSSL and TLS protocol vulnerabilities
- NetBSD-SA2015-007 OpenSSL and SSLv3 vulnerabilities
- NetBSD-SA2015-006 OpenSSL and SSLv3 vulnerabilities
- NetBSD-SA2015-005 buffer overflow in libevent (CVE-2014-6272)
- NetBSD-SA2015-004 Two vulnerabilities in the compatibility layers
- NetBSD-SA2015-003 NTPd multiple vulnerabilities (CVE-2014-929[3-6])
- NetBSD-SA2015-002 bind Denial of Service (CVE-2014-8500)
- NetBSD-SA2015-001 Protocol handling issues in X Window System servers
- NetBSD-SA2014-015 OpenSSL and SSLv3 vulnerabilities
- NetBSD-SA2014-014 Multiple vulnerabilities in the mount system call
- NetBSD-SA2014-013 ftp(1) can be made to execute arbitrary commands by a malicious webserver
- NetBSD-SA2014-012 Memory leak in the setsockopt system call
- NetBSD-SA2014-011 User-controlled memory allocation in the modctl system call
- NetBSD-SA2014-010 Multiple vulnerabilities in the compatibility layers
- NetBSD-SA2014-009 Multiple vulnerabilities in the execve system call
- NetBSD-SA2014-008 Multiple OpenSSL vulnerabilities
- NetBSD-SA2014-007 bozohttpd basic http authentication bypass
- NetBSD-SA2014-006 Multiple OpenSSL vulnerabilities
- NetBSD-SA2014-005 libXfont multiple vulnerabilities
- NetBSD-SA2014-004 OpenSSL information disclosure ("heartbleed")
- NetBSD-SA2014-003 posix_spawn unbounded kernel memory allocation
- NetBSD-SA2014-002 ntpd used as DDoS amplifier
- NetBSD-SA2014-001 Stack buffer overflow in libXfont
- NetBSD-SA2013-013 Memory leak when trying to execute bogus ELF binaries
- NetBSD-SA2013-012 Router Advertisement sysctl local Denial of Service
- NetBSD-SA2013-011 embryonic TCP sockets local DoS
- NetBSD-SA2013-010 Use after free in Xserver handling of ImageText requests
- NetBSD-SA2013-009 user settable small BPF buffer can cause a panic
- NetBSD-SA2013-008 Error in authorization check re tcpdrop sysctl
- NetBSD-SA2013-007 Protocol handling issues in X Window System client libraries
- NetBSD-SA2013-006 Arbitrary Kernel Read with netstat -P
- NetBSD-SA2013-005 bind Denial of Service (CVE-2013-4854)
- NetBSD-SA2013-004 Vulnerabilities in grep
- NetBSD-SA2013-003 RNG Bug May Result in Weak Cryptographic Keys
- NetBSD-SA2013-002 kqueue related kernel panic triggered from userland
- NetBSD-SA2013-001 kernel panic triggered from userland
- NetBSD-SA2012-004 BIND resolver DoS when using DNSSEC Validation
- NetBSD-SA2012-003 Intel processors sysret to non-canonical address behaviour
- NetBSD-SA2012-002 OpenSSL Invalid TLS/DTLS record attack
- NetBSD-SA2012-001 OpenSSL buffer overflow in DER read function
- NetBSD-SA2011-009 BIND resolver DoS
- NetBSD-SA2011-008 OpenPAM privilege escalation
- NetBSD-SA2011-007 LZW decoding loop on manipulated compressed files
- NetBSD-SA2011-006 BIND DoS via packet with rrtype zero
- NetBSD-SA2011-005 ISC dhclient does not strip shell meta-characters in
- NetBSD-SA2011-004 Kernel stack overflow via nested IPCOMP packet
- NetBSD-SA2011-003 Exhausting kernel memory from user controlled value
- NetBSD-SA2011-002 OpenSSL TLS extension parsing race condition.
- NetBSD-SA2011-001 BIND DoS due to improper handling of RRSIG records
- NetBSD-SA2010-013 UDP6 Option Parsing local Denial of Service
- NetBSD-SA2010-012 OpenSSL TLS extension parsing race condition.
- NetBSD-SA2010-011 OpenSSL Double Free Arbitrary Code Execution
- NetBSD-SA2010-010 Buffer Length Handling Errors in netsmb
- NetBSD-SA2010-009 Privilege Handling Errors In larn
- NetBSD-SA2010-008 sftp(1)/ftp(1)/glob(3) related resource exhaustion
- NetBSD-SA2010-007 Integer overflow in libbz2 decompression code
- NetBSD-SA2010-006 Buffer length checking errors in CODA
- NetBSD-SA2010-005 NTP server Denial of Service vulnerability
- NetBSD-SA2010-004 amd64 per-page No-execute (NX) bit disabled
- NetBSD-SA2010-003 azalia(4)/hdaudio(4) negative mixer index panic
- NetBSD-SA2010-002 OpenSSL TLS renegotiation man in the middle vulnerability
- NetBSD-SA2010-001 File system module autoloading Denial of Service attack
- NetBSD-SA2009-013 BIND named dynamic update Denial of Service vulnerability
- NetBSD-SA2009-012 SHA2 implementation potential buffer overflow
- NetBSD-SA2009-011 ISC DHCP server Denial of Service vulnerability
- NetBSD-SA2009-010 ISC dhclient subnet-mask flag stack overflow
- NetBSD-SA2009-009 OpenSSL DTLS Memory Exhaustion and DSA signature verification vulnerabilities
- NetBSD-SA2009-008 OpenSSL ASN1 parsing denial of service and CMS signature verification weakness
- NetBSD-SA2009-007 Buffer overflows in hack(6)
- NetBSD-SA2009-006 Buffer overflows in ntp
- NetBSD-SA2009-005 Plaintext Recovery Attack Against SSH
- NetBSD-SA2009-004 NetBSD OpenPAM passwd(1) changing weakness
- NetBSD-SA2009-003 proplib crashes on reading bad XML data
- NetBSD-SA2009-002 tcpdump multiple denial of service and arbitrary code execution issues
- NetBSD-SA2009-001 PF firewall remote Denial Of Service attack
- NetBSD-SA2008-015 ICMPv6 Packet Too Big messages
- NetBSD-SA2008-014 Cross-site request forgery in ftpd(8)
- NetBSD-SA2008-013 IPv6 Neighbor Discovery Protocol
- NetBSD-SA2008-012 Denial of service issues in racoon(8)
- NetBSD-SA2008-011 ICMPv6 MLD query
- NetBSD-SA2008-010 Malicious PPPoE discovery packet can overrun a kernel buffer
- NetBSD-SA2008-009 BIND cache poisoning
- NetBSD-SA2008-008 OpenSSL Montgomery multiplication
- NetBSD-SA2008-007 OpenSSL Multiple issues
- NetBSD-SA2008-006 Integer overflow in strfmon(3) function
- NetBSD-SA2008-005 OpenSSH Multiple issues
- NetBSD-SA2008-004 bzip2(1) Multiple issues
- NetBSD-SA2008-003 IPsec in IPv6 Denial of Service
- NetBSD-SA2008-002 Endianness issue in fast_ipsec(4)
- NetBSD-SA2008-001 file(1) Integer overflow
- NetBSD-SA2007-007 BIND cryptographically weak query IDs
- NetBSD-SA2007-006 Local panics in display driver code
- NetBSD-SA2007-005 IPv6 Type 0 Routing Header
- NetBSD-SA2007-004 Insufficient length checking in iso(4)
- NetBSD-SA2007-003 BIND multiple denial of service vulnerabilities
- NetBSD-SA2007-002 Integer overflows in Render and DBE extensions
- NetBSD-SA2007-001 Integer overflow in ktruser()
- NetBSD-SA2006-027 libc glob(3) buffer overflow
- NetBSD-SA2006-026 Multiple denial of service issues
- NetBSD-SA2006-025 Multiple information/memory leakage issues
- NetBSD-SA2006-024 systrace(4) integer overflow
- NetBSD-SA2006-023 OpenSSL RSA Signature Forgery
- NetBSD-SA2006-022 BIND recursive query and SIG query processing
- NetBSD-SA2006-021 Integer overflows in CID-keyed font parser
- NetBSD-SA2006-020 Integer overflows in PCF font parsers
- NetBSD-SA2006-019 Malicious PPP options can overrun a kernel buffer
- NetBSD-SA2006-018 sail(6), dm(8) and tetris(6) buffer overflows
- NetBSD-SA2006-017 Sendmail malformed multipart MIME messages
- NetBSD-SA2006-016 IPv6 socket options can crash the system
- NetBSD-SA2006-015 FPU Information leak on i386/amd64/Xen platforms with AMD CPUs
- NetBSD-SA2006-014 An audio subsystem race condition may crash the system
- NetBSD-SA2006-013 sysctl(3) local denial of service
- NetBSD-SA2006-012 SIOCGIFALIAS ioctl may cause system crash
- NetBSD-SA2006-011 IPSec replay attack
- NetBSD-SA2006-010 Sendmail race condition
- NetBSD-SA2006-009 False detection of Intel hardware RNG
- NetBSD-SA2006-008 Malformed ELF interpreter causes system crash
- NetBSD-SA2006-007 mail(1) creates record file with insecure umask
- NetBSD-SA2006-005 bridge memory disclosure
- NetBSD-SA2006-004 Denial of services issues with pf
- NetBSD-SA2006-003 Multiple denial of services issues with racoon
- NetBSD-SA2006-002 settimeofday() time wrap
- NetBSD-SA2006-001 Kernfs kernel memory disclosure
- NetBSD-SA2005-013 ptrace() permissions after S[UG]ID and exec()
- NetBSD-SA2005-012 SO_LINGER argument checking DIAGNOSTIC panic
- NetBSD-SA2005-011 ntpd may start with different group id than desired
- NetBSD-SA2005-010 OpenSSL "man in the middle" can force weak protocol
- NetBSD-SA2005-009 Insecure /tmp file usage when building using imake
- NetBSD-SA2005-008 Heap memory corruption in FreeBSD compat code
- NetBSD-SA2005-007 AES-XCBC-MAC (IPsec AH) calculated using fixed key
- NetBSD-SA2005-006 Multiple vulnerabilities in CVS
- NetBSD-SA2005-005 cgd(4) key destruction on unconfigure
- NetBSD-SA2005-004 Buffer overflows in MIT Kerberos 5
- NetBSD-SA2005-003 F_CLOSEM local denial of service
- NetBSD-SA2005-002 Local DoS via audio device with specific drivers
- NetBSD-SA2005-001 Crypto leaks across HyperThreaded CPUs (i386, P4, HTT+SMP only)
- NetBSD-SA2004-010 Insufficient argument validation in compat code
- NetBSD-SA2004-009 ftpd root escalation
- NetBSD-SA2004-008 CVS server vulnerability
- NetBSD-SA2004-007 Systrace systrace_exit() local root
- NetBSD-SA2004-006 TCP protocol and implementation vulnerability
- NetBSD-SA2004-005 Denial of service vulnerabilities in OpenSSL
- NetBSD-SA2004-004 shmat reference counting bug
- NetBSD-SA2004-003 OpenSSL 0.9.6 ASN.1 parser vulnerability
- NetBSD-SA2004-002 Inconsistent IPv6 path MTU discovery handling
- NetBSD-SA2004-001 Insufficient packet validation in racoon IKE daemon
- NetBSD-SA2003-018 DNS negative cache poisoning
- NetBSD-SA2003-017 OpenSSL multiple vulnerability
- NetBSD-SA2003-016 Sendmail - another prescan() bug CAN-2003-0694
- NetBSD-SA2003-015 Remote and local vulnerabilities in XFree86 font libraries
- NetBSD-SA2003-014 Insufficient argument checking in sysctl(2)
- NetBSD-SA2003-013 Kernel memory disclosure via ibcs2
- NetBSD-SA2003-012 Out of bounds memset(0) in sshd
- NetBSD-SA2003-011 off-by-one error in realpath(3)
- NetBSD-SA2003-010 remote panic in OSI networking code
- NetBSD-SA2003-009 sendmail buffer overrun in prescan() address parser
- NetBSD-SA2003-008 faulty length checks in xdrmem_getbytes
- NetBSD-SA2003-007 (Another) Encryption weakness in OpenSSL code
- NetBSD-SA2003-006 Cryptographic weaknesses in Kerberos v4 protocol
- NetBSD-SA2003-005 RSA timing attack in OpenSSL code
- NetBSD-SA2003-004 Format string vulnerability in zlib gzprintf()
- NetBSD-SA2003-003 Buffer Overflow in file(1)
- NetBSD-SA2003-002 Malformed header Sendmail Vulnerability
- NetBSD-SA2003-001 Encryption weakness in OpenSSL code
- NetBSD-SA2002-029 named(8) multiple denial of service and remote execution of code
- NetBSD-SA2002-028 Buffer overrun in getnetbyname/getnetbyaddr
- NetBSD-SA2002-027 ftpd STAT output non-conformance can deceive firewall devices
- NetBSD-SA2002-026 buffer overrun in kadmind
- NetBSD-SA2002-025 trek(6) buffer overrun
- NetBSD-SA2002-024 IPFilter FTP proxy
- NetBSD-SA2002-023 sendmail smrsh vulnerability
- NetBSD-SA2002-022 buffer overrun in pic(1)
- NetBSD-SA2002-021 rogue vulnerability
- NetBSD-SA2002-019 Buffer overrun in talkd
- NetBSD-SA2002-018 Multiple security isses with kfd daemon
- NetBSD-SA2002-017 shutdown(s, SHUT_RD) on TCP socket does not work as intended
- NetBSD-SA2002-016 Insufficient length check in ESP authentication data
- NetBSD-SA2002-015 (another) buffer overrun in libc/libresolv DNS resolver
- NetBSD-SA2002-014 fd_set overrun in mbone tools and pppd
- NetBSD-SA2002-013 Bug in NFS server code allows remote denial of service
- NetBSD-SA2002-012 buffer overrun in setlocale
- NetBSD-SA2002-011 Sun RPC XDR decoder contains buffer overflow
- NetBSD-SA2002-010 symlink race in pppd
- NetBSD-SA2002-009 Multiple vulnerabilities in OpenSSL code
- NetBSD-SA2002-007 Repeated TIOCSCTTY ioctl can corrupt session hold counts
- NetBSD-SA2002-006 buffer overrun in libc DNS resolver
- NetBSD-SA2002-005 OpenSSH protocol version 2 challenge-response authentication
- NetBSD-SA2002-004 Off-by-one error in openssh session
- NetBSD-SA2002-003 IPv4 forwarding doesn't consult inbound SPD
- NetBSD-SA2002-002 gzip buffer overrun with long filename
- NetBSD-SA2002-001 Close-on-exec, SUID and ptrace(2)
- NetBSD-SA2001-018 Remote Buffer Overflow Vulnerability in BSD Line Printer Daemon
- NetBSD-SA2001-017 sendmail(8) incorrect command line argument check.
- NetBSD-SA2001-016 unsafe chdir usage in fts(3).
- NetBSD-SA2001-015 Insufficient checking of lengths passed from userland to kernel.
- NetBSD-SA2001-014 dump(8) exposes 'tty' group.
- NetBSD-SA2001-013 OpenSSL PRNG weakness.
- NetBSD-SA2001-012 telnetd(8) options overflow.
- NetBSD-SA2001-011 Insufficient msg_controllen checking for sendmsg(2).
- NetBSD-SA2001-010 sshd(8) "cookies" file mishandling on X11 forwarding.
- NetBSD-SA2001-009 Race condition between sugid-exec and ptrace(2).
- NetBSD-SA2001-008 Processes can gain "Supervisor" privileges on sh3.
- NetBSD-SA2001-007 IP Filter may incorrectly pass packets.
- NetBSD-SA2001-006 Denial of service using bogus fragmented IPv4 packets.
- NetBSD-SA2001-005 Remote buffer overflow in ftpd.
- NetBSD-SA2001-004 Buffer overflow in NTP daemon.
- NetBSD-SA2001-003 Secure Shell (SSH) vulnerability and rnd(4) configuration.
- NetBSD-SA2001-002 USER_LDT vulnerability on i386 systems only.
- NetBSD-SA2001-001 Security vulnerabilies in BIND.
- NetBSD-SA2000-018 Security vulnerability in ftpd.
- NetBSD-SA2000-017 Security vulnerability in telnetd/libkrb.
- NetBSD-SA2000-015 Security vulnerability in libutil.
- NetBSD-SA2000-014 Security vulnerability in CGI interface of global packages.
- NetBSD-SA2000-013 Security vulnerability in cfengine packages.
- NetBSD-SA2000-012 Security vulnerability in NIS hostname lookup.
- NetBSD-SA2000-011 Security vulnerability in netscape packages.
- NetBSD-SA2000-010 Security vulnerability in wu-ftpd package.
- NetBSD-SA2000-009 Security vulnerability in ftpd .
- NetBSD-SA2000-008 Remote dhclient vulnerability.
- NetBSD-SA2000-007 Bad key generation in libdes in NetBSD-current.
- NetBSD-SA2000-006 ftpd error parsing /etc/ftpchroot.
- NetBSD-SA2000-005 local cpu-hog denial of service.
- NetBSD-SA2000-004 semcontrol(2) vulnerability.
- NetBSD-SA2000-003 xlockmore package vulnerability.
- NetBSD-SA2000-002 IP Options vulnerability.
- NetBSD-SA2000-001 procfs vulnerability.
- NetBSD-SA1999-012 VAX ptrace(2) vulnerability.
- NetBSD-SA1999-011 profil(2) problems.
- NetBSD-SA1999-010 ARP problems.
- NetBSD-SA1999-009 i386 SVR4 compatibility problems.
- NetBSD-SA1999-008 vfs locking problems.
- NetBSD-SA1999-007 mount(2) problems.
- NetBSD-SA1999-006 umapfs problems.
- NetBSD-SA1999-005 lsof(1) package problems.
- NetBSD-SA1999-004 traceroute(1) problems.
- NetBSD-SA1999-003 wu-ftpd(8) package problems.
- NetBSD-SA1999-002 netstat(1) problems.
- NetBSD-SA1999-001 select(2)/accept(2) race condition in TCP servers.
- NetBSD-SA1998-005 mmap(2) device driver vulnerabilties.
- NetBSD-SA1998-004 at(1) vulnerabilties.
- NetBSD-SA1998-003 mmap(2) and append-only files vulnerabilities.
- NetBSD-SA1998-002 xterm and Xaw vulnerablilities.
- NetBSD-SA1998-001 BIND 4.9.6 vulnerabilities.