NetBSD's netstat program contains a flaw that may lead to unauthorized information disclosure. The kernel protocol control block code fails to properly check that the memory being displayed is a protocol control block. The issue is triggered when the code that prints kernel protocol control blocks is improperly accessed, which discloses portions of kernel memory to a non-root user, resulting in a loss of confidentiality.
Upgrade to NetBSD-current version 19990208 or newer, which has been reported to fix this vulnerability. It is also possible to correct the flaw by applying the vendor-supplied patch, or by disabling netstat for non-root users.