NetBSD Wiki/users/spz/
Security Vulnerability Reference List
Security Vulnerability Reference List
Affected files, fix dates for specific releases and fixed versions can be found through the 'Fixed in Releases' link.
| Identifier | Topic | Impact | Fixed in HEAD | Fixed in Releases | Advisory |
|---|---|---|---|---|---|
| CVE-2010-3613 | BIND DoS due to improper handling of RRSIG records | remote DoS | 20101202 | 20110123 | 2011-001 |
| CVE-2011-0014 | OpenSSL TLS extension parsing race condition | DoS, info leak | 20110211 | 20110217 | 2011-002 |
| - | Exhausting kernel memory from user controlled value | local DoS | 20110304 | ?20110307 | 2011-003 |
| CVE-2011-1547 | Kernel stack overflow via nested IPCOMP packet | remote DoS | 20110401 | ?20110403 | 2011-004 |
| CVE-2011-0997 | ISC dhclient environment sanitizing | remote script execution | 20110406 | ?20110407 | 2011-005 |
| CVE-2011-2464 | BIND DoS via packet with rrtype zero | remote DoS | 20110706 | ?20110716 | 2011-006 |
| CVE-2011-2895 | LZW decoding loop on manipulated compressed files | DoS, info leak | 20110816 | ?20110819 | 2011-007 |
| CVE-2011-4122 | OpenPAM privilege escalation | privilege escalation | 20111109 | ?20111119 | 2011-008 |
| CVE-2011-4313 | BIND resolver DoS | remote DoS | 20111116 | ?20111120 | 2011-009 |
| CVE-2011-4862 | telnetd unchecked encryption key length | remote code execution | 20111223 | ?20111231 | |
| CVE-2010-1166 | incorrect macro definition in Xrender | auth user DoS + remote code execution | 20111230 | ?20120101 | |
Add a comment