Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2003-0102

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-01 Sep, 2004 | 04:00
Updated At-08 Aug, 2024 | 01:43
Rejected At-
Credits

Buffer overflow in tryelf() in readelf.c of the file command allows attackers to execute arbitrary code as the user running file, possibly via a large entity size value in an ELF header (elfhdr.e_shentsize).

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:01 Sep, 2004 | 04:00
Updated At:08 Aug, 2024 | 01:43
Rejected At:
▼CVE Numbering Authority (CNA)

Buffer overflow in tryelf() in readelf.c of the file command allows attackers to execute arbitrary code as the user running file, possibly via a large entity size value in an ELF header (elfhdr.e_shentsize).

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.idefense.com/advisory/03.04.03.txt
x_refsource_MISC
https://exchange.xforce.ibmcloud.com/vulnerabilities/11469
vdb-entry
x_refsource_XF
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-003.txt.asc
vendor-advisory
x_refsource_NETBSD
http://www.redhat.com/support/errata/RHSA-2003-087.html
vendor-advisory
x_refsource_REDHAT
http://www.novell.com/linux/security/advisories/2003_017_file.html
vendor-advisory
x_refsource_SUSE
http://www.securityfocus.com/bid/7008
vdb-entry
x_refsource_BID
http://marc.info/?l=bugtraq&m=104680706201721&w=2
mailing-list
x_refsource_BUGTRAQ
http://lwn.net/Alerts/34908/
vendor-advisory
x_refsource_IMMUNIX
http://www.redhat.com/support/errata/RHSA-2003-086.html
vendor-advisory
x_refsource_REDHAT
http://www.debian.org/security/2003/dsa-260
vendor-advisory
x_refsource_DEBIAN
http://www.kb.cert.org/vuls/id/611865
third-party-advisory
x_refsource_CERT-VN
http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:030
vendor-advisory
x_refsource_MANDRAKE
Hyperlink: http://www.idefense.com/advisory/03.04.03.txt
Resource:
x_refsource_MISC
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/11469
Resource:
vdb-entry
x_refsource_XF
Hyperlink: ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-003.txt.asc
Resource:
vendor-advisory
x_refsource_NETBSD
Hyperlink: http://www.redhat.com/support/errata/RHSA-2003-087.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://www.novell.com/linux/security/advisories/2003_017_file.html
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: http://www.securityfocus.com/bid/7008
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://marc.info/?l=bugtraq&m=104680706201721&w=2
Resource:
mailing-list
x_refsource_BUGTRAQ
Hyperlink: http://lwn.net/Alerts/34908/
Resource:
vendor-advisory
x_refsource_IMMUNIX
Hyperlink: http://www.redhat.com/support/errata/RHSA-2003-086.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://www.debian.org/security/2003/dsa-260
Resource:
vendor-advisory
x_refsource_DEBIAN
Hyperlink: http://www.kb.cert.org/vuls/id/611865
Resource:
third-party-advisory
x_refsource_CERT-VN
Hyperlink: http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:030
Resource:
vendor-advisory
x_refsource_MANDRAKE
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.idefense.com/advisory/03.04.03.txt
x_refsource_MISC
x_transferred
https://exchange.xforce.ibmcloud.com/vulnerabilities/11469
vdb-entry
x_refsource_XF
x_transferred
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-003.txt.asc
vendor-advisory
x_refsource_NETBSD
x_transferred
http://www.redhat.com/support/errata/RHSA-2003-087.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://www.novell.com/linux/security/advisories/2003_017_file.html
vendor-advisory
x_refsource_SUSE
x_transferred
http://www.securityfocus.com/bid/7008
vdb-entry
x_refsource_BID
x_transferred
http://marc.info/?l=bugtraq&m=104680706201721&w=2
mailing-list
x_refsource_BUGTRAQ
x_transferred
http://lwn.net/Alerts/34908/
vendor-advisory
x_refsource_IMMUNIX
x_transferred
http://www.redhat.com/support/errata/RHSA-2003-086.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://www.debian.org/security/2003/dsa-260
vendor-advisory
x_refsource_DEBIAN
x_transferred
http://www.kb.cert.org/vuls/id/611865
third-party-advisory
x_refsource_CERT-VN
x_transferred
http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:030
vendor-advisory
x_refsource_MANDRAKE
x_transferred
Hyperlink: http://www.idefense.com/advisory/03.04.03.txt
Resource:
x_refsource_MISC
x_transferred
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/11469
Resource:
vdb-entry
x_refsource_XF
x_transferred
Hyperlink: ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-003.txt.asc
Resource:
vendor-advisory
x_refsource_NETBSD
x_transferred
Hyperlink: http://www.redhat.com/support/errata/RHSA-2003-087.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://www.novell.com/linux/security/advisories/2003_017_file.html
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: http://www.securityfocus.com/bid/7008
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://marc.info/?l=bugtraq&m=104680706201721&w=2
Resource:
mailing-list
x_refsource_BUGTRAQ
x_transferred
Hyperlink: http://lwn.net/Alerts/34908/
Resource:
vendor-advisory
x_refsource_IMMUNIX
x_transferred
Hyperlink: http://www.redhat.com/support/errata/RHSA-2003-086.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://www.debian.org/security/2003/dsa-260
Resource:
vendor-advisory
x_refsource_DEBIAN
x_transferred
Hyperlink: http://www.kb.cert.org/vuls/id/611865
Resource:
third-party-advisory
x_refsource_CERT-VN
x_transferred
Hyperlink: http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:030
Resource:
vendor-advisory
x_refsource_MANDRAKE
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:18 Mar, 2003 | 05:00
Updated At:03 Apr, 2025 | 01:03

Buffer overflow in tryelf() in readelf.c of the file command allows attackers to execute arbitrary code as the user running file, possibly via a large entity size value in an ELF header (elfhdr.e_shentsize).

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.04.6MEDIUM
AV:L/AC:L/Au:N/C:P/I:P/A:P
Type: Primary
Version: 2.0
Base score: 4.6
Base severity: MEDIUM
Vector:
AV:L/AC:L/Au:N/C:P/I:P/A:P
CPE Matches
file
file
>>file>>3.28
cpe:2.3:a:file:file:3.28:*:*:*:*:*:*:*
file
file
>>file>>3.30
cpe:2.3:a:file:file:3.30:*:*:*:*:*:*:*
file
file
>>file>>3.32
cpe:2.3:a:file:file:3.32:*:*:*:*:*:*:*
file
file
>>file>>3.33
cpe:2.3:a:file:file:3.33:*:*:*:*:*:*:*
file
file
>>file>>3.34
cpe:2.3:a:file:file:3.34:*:*:*:*:*:*:*
file
file
>>file>>3.35
cpe:2.3:a:file:file:3.35:*:*:*:*:*:*:*
file
file
>>file>>3.36
cpe:2.3:a:file:file:3.36:*:*:*:*:*:*:*
file
file
>>file>>3.37
cpe:2.3:a:file:file:3.37:*:*:*:*:*:*:*
file
file
>>file>>3.39
cpe:2.3:a:file:file:3.39:*:*:*:*:*:*:*
file
file
>>file>>3.40
cpe:2.3:a:file:file:3.40:*:*:*:*:*:*:*
NetBSD
netbsd
>>netbsd>>1.5
cpe:2.3:o:netbsd:netbsd:1.5:*:*:*:*:*:*:*
NetBSD
netbsd
>>netbsd>>1.5.1
cpe:2.3:o:netbsd:netbsd:1.5.1:*:*:*:*:*:*:*
NetBSD
netbsd
>>netbsd>>1.5.2
cpe:2.3:o:netbsd:netbsd:1.5.2:*:*:*:*:*:*:*
NetBSD
netbsd
>>netbsd>>1.5.3
cpe:2.3:o:netbsd:netbsd:1.5.3:*:*:*:*:*:*:*
NetBSD
netbsd
>>netbsd>>1.6
cpe:2.3:o:netbsd:netbsd:1.6:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-OtherPrimarynvd@nist.gov
CWE ID: NVD-CWE-Other
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-003.txt.asccve@mitre.org
N/A
http://lwn.net/Alerts/34908/cve@mitre.org
N/A
http://marc.info/?l=bugtraq&m=104680706201721&w=2cve@mitre.org
N/A
http://www.debian.org/security/2003/dsa-260cve@mitre.org
N/A
http://www.idefense.com/advisory/03.04.03.txtcve@mitre.org
Exploit
Patch
Vendor Advisory
http://www.kb.cert.org/vuls/id/611865cve@mitre.org
US Government Resource
http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:030cve@mitre.org
N/A
http://www.novell.com/linux/security/advisories/2003_017_file.htmlcve@mitre.org
N/A
http://www.redhat.com/support/errata/RHSA-2003-086.htmlcve@mitre.org
N/A
http://www.redhat.com/support/errata/RHSA-2003-087.htmlcve@mitre.org
N/A
http://www.securityfocus.com/bid/7008cve@mitre.org
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/11469cve@mitre.org
N/A
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-003.txt.ascaf854a3a-2127-422b-91ae-364da2661108
N/A
http://lwn.net/Alerts/34908/af854a3a-2127-422b-91ae-364da2661108
N/A
http://marc.info/?l=bugtraq&m=104680706201721&w=2af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.debian.org/security/2003/dsa-260af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.idefense.com/advisory/03.04.03.txtaf854a3a-2127-422b-91ae-364da2661108
Exploit
Patch
Vendor Advisory
http://www.kb.cert.org/vuls/id/611865af854a3a-2127-422b-91ae-364da2661108
US Government Resource
http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:030af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.novell.com/linux/security/advisories/2003_017_file.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.redhat.com/support/errata/RHSA-2003-086.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.redhat.com/support/errata/RHSA-2003-087.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/bid/7008af854a3a-2127-422b-91ae-364da2661108
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/11469af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-003.txt.asc
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://lwn.net/Alerts/34908/
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://marc.info/?l=bugtraq&m=104680706201721&w=2
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.debian.org/security/2003/dsa-260
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.idefense.com/advisory/03.04.03.txt
Source: cve@mitre.org
Resource:
Exploit
Patch
Vendor Advisory
Hyperlink: http://www.kb.cert.org/vuls/id/611865
Source: cve@mitre.org
Resource:
US Government Resource
Hyperlink: http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:030
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.novell.com/linux/security/advisories/2003_017_file.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2003-086.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2003-087.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/7008
Source: cve@mitre.org
Resource:
Patch
Vendor Advisory
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/11469
Source: cve@mitre.org
Resource: N/A
Hyperlink: ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-003.txt.asc
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://lwn.net/Alerts/34908/
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://marc.info/?l=bugtraq&m=104680706201721&w=2
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.debian.org/security/2003/dsa-260
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.idefense.com/advisory/03.04.03.txt
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Exploit
Patch
Vendor Advisory
Hyperlink: http://www.kb.cert.org/vuls/id/611865
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
US Government Resource
Hyperlink: http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:030
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.novell.com/linux/security/advisories/2003_017_file.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2003-086.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2003-087.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/7008
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Vendor Advisory
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/11469
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

12Records found
CVE-1999-0422
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.07% / 22.64%
||
7 Day CHG~0.00%
Published-29 Sep, 1999 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In some cases, NetBSD 1.3.3 mount allows local users to execute programs in some file systems that have the "noexec" flag set.

Action-Not Available
Vendor-n/aNetBSD
Product-netbsdn/a
CVE-2006-5218
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.08% / 23.49%
||
7 Day CHG~0.00%
Published-09 Oct, 2006 | 22:00
Updated-07 Aug, 2024 | 19:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow in the systrace_preprepl function (STRIOCREPLACE) in systrace in OpenBSD 3.9 and NetBSD 3 allows local users to cause a denial of service (crash), gain privileges, or read arbitrary kernel memory via large numeric arguments to the systrace ioctl.

Action-Not Available
Vendor-n/aOpenBSDNetBSD
Product-openbsdnetbsdn/a
CVE-2004-0114
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.33% / 55.34%
||
7 Day CHG~0.00%
Published-01 Sep, 2004 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The shmat system call in the System V Shared Memory interface for FreeBSD 5.2 and earlier, NetBSD 1.3 and earlier, and OpenBSD 2.6 and earlier, does not properly decrement a shared memory segment's reference count when the vm_map_find function fails, which could allow local users to gain read or write access to a portion of kernel memory and gain privileges.

Action-Not Available
Vendor-n/aOpenBSDNetBSDFreeBSD Foundation
Product-netbsdopenbsdfreebsdn/a
CVE-2002-1476
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.10% / 28.13%
||
7 Day CHG~0.00%
Published-01 Sep, 2004 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in setlocale in libc on NetBSD 1.4.x through 1.6, and possibly other operating systems, when called with the LC_ALL category, allows local attackers to execute arbitrary code via a user-controlled locale string that has more than 6 elements, which exceeds the boundaries of the new_categories category array, as exploitable through programs such as xterm and zsh.

Action-Not Available
Vendor-n/aNetBSD
Product-netbsdn/a
CVE-2002-1165
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-2.90% / 85.81%
||
7 Day CHG~0.00%
Published-03 Oct, 2002 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Sendmail Consortium's Restricted Shell (SMRSH) in Sendmail 8.12.6, 8.11.6-15, and possibly other versions after 8.11 from 5/19/1998, allows attackers to bypass the intended restrictions of smrsh by inserting additional commands after (1) "||" sequences or (2) "/" characters, which are not properly filtered or verified.

Action-Not Available
Vendor-sendmailn/aNetBSD
Product-sendmailnetbsdn/a
CVE-2002-1192
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.37% / 57.88%
||
7 Day CHG~0.00%
Published-15 Oct, 2002 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple buffer overflows in rogue on NetBSD 1.6 and earlier, FreeBSD 4.6, and possibly other operating systems, allows local users to gain "games" group privileges via malformed entries in a game save file.

Action-Not Available
Vendor-roguen/aNetBSD
Product-netbsdroguen/a
CVE-2002-1543
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.09% / 25.70%
||
7 Day CHG~0.00%
Published-01 Sep, 2004 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in trek on NetBSD 1.5 through 1.5.3 allows local users to gain privileges via long keyboard input.

Action-Not Available
Vendor-n/aNetBSD
Product-netbsdn/a
CVE-1999-0433
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.17% / 38.97%
||
7 Day CHG~0.00%
Published-29 Sep, 1999 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

XFree86 startx command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service.

Action-Not Available
Vendor-xfree86_projectn/aSlackwareRed Hat, Inc.SUSENetBSD
Product-netbsdsuse_linuxx11r6linuxslackware_linuxn/a
CVE-1999-0303
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.06% / 17.00%
||
7 Day CHG~0.00%
Published-29 Sep, 1999 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in BNU UUCP daemon (uucpd) through long hostnames.

Action-Not Available
Vendor-digitaln/aOpenBSDNetBSDSun Microsystems (Oracle Corporation)
Product-netbsdopenbsdsolarissunososf_1n/a
CVE-2009-2793
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.07% / 22.94%
||
7 Day CHG~0.00%
Published-18 Sep, 2009 | 22:00
Updated-07 Aug, 2024 | 06:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The kernel in NetBSD, probably 5.0.1 and earlier, on x86 platforms does not properly handle a pre-commit failure of the iret instruction, which might allow local users to gain privileges via vectors related to a tempEIP pseudocode variable that is outside of the code-segment limits.

Action-Not Available
Vendor-n/aNetBSD
Product-netbsdn/a
CWE ID-CWE-264
Not Available
CVE-2006-0145
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.07% / 22.62%
||
7 Day CHG~0.00%
Published-09 Jan, 2006 | 23:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The kernfs_xread function in kernfs in NetBSD 1.6 through 2.1, and OpenBSD 3.8, does not properly validate file offsets against negative 32-bit values that occur as a result of truncation, which allows local users to read arbitrary kernel memory and gain privileges via the lseek system call.

Action-Not Available
Vendor-n/aNetBSD
Product-netbsdn/a
CVE-2008-1215
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.40% / 60.01%
||
7 Day CHG~0.00%
Published-09 Mar, 2008 | 02:00
Updated-07 Aug, 2024 | 08:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in the command_Expand_Interpret function in command.c in ppp (aka user-ppp), as distributed in FreeBSD 6.3 and 7.0, OpenBSD 4.1 and 4.2, and the net/userppp package for NetBSD, allows local users to gain privileges via long commands containing "~" characters.

Action-Not Available
Vendor-n/aOpenBSDFreeBSD FoundationNetBSD
Product-openbsdfreebsdnetbsdn/a
CWE ID-CWE-264
Not Available
Details not found