Filtered by vendor Openbsd
Subscribe
Total
322 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-0960 | 1 Openbsd | 1 Openbsd | 2025-04-03 | 5.0 MEDIUM | N/A |
| Multiple vulnerabilities in the SACK functionality in (1) tcp_input.c and (2) tcp_usrreq.c OpenBSD 3.5 and 3.6 allow remote attackers to cause a denial of service (memory exhaustion or system crash). | |||||
| CVE-2000-0143 | 2 Openbsd, Ssh | 2 Openssh, Ssh | 2025-04-03 | 4.6 MEDIUM | N/A |
| The SSH protocol server sshd allows local users without shell access to redirect a TCP connection through a service that uses the standard system password database for authentication, such as POP or FTP. | |||||
| CVE-2004-0219 | 1 Openbsd | 1 Openbsd | 2025-04-03 | 5.0 MEDIUM | N/A |
| isakmpd in OpenBSD 3.4 and earlier allows remote attackers to cause a denial of service (crash) via an ISAKMP packet with a malformed IPSEC SA payload, as demonstrated by the Striker ISAKMP Protocol Test Suite. | |||||
| CVE-2002-0640 | 1 Openbsd | 1 Openssh | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in sshd in OpenSSH 2.3.1 through 3.3 may allow remote attackers to execute arbitrary code via a large number of responses during challenge response authentication when OpenBSD is using PAM modules with interactive keyboard authentication (PAMAuthenticationViaKbdInt). | |||||
| CVE-2002-0414 | 3 Freebsd, Netbsd, Openbsd | 3 Freebsd, Netbsd, Openbsd | 2025-04-03 | 7.5 HIGH | N/A |
| KAME-derived implementations of IPsec on NetBSD 1.5.2, FreeBSD 4.5, and other operating systems, does not properly consult the Security Policy Database (SPD), which could cause a Security Gateway (SG) that does not use Encapsulating Security Payload (ESP) to forward forged IPv4 packets. | |||||
| CVE-2000-0310 | 1 Openbsd | 1 Openbsd | 2025-04-03 | 5.0 MEDIUM | N/A |
| IP fragment assembly in OpenBSD 2.4 allows a remote attacker to cause a denial of service by sending a large number of fragmented packets. | |||||
| CVE-2001-0872 | 3 Openbsd, Redhat, Suse | 3 Openssh, Linux, Suse Linux | 2025-04-03 | 7.2 HIGH | N/A |
| OpenSSH 3.0.1 and earlier with UseLogin enabled does not properly cleanse critical environment variables such as LD_PRELOAD, which allows local users to gain root privileges. | |||||
| CVE-1999-0798 | 5 Bsdi, Freebsd, Openbsd and 2 more | 7 Bsd Os, Freebsd, Openbsd and 4 more | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in bootpd on OpenBSD, FreeBSD, and Linux systems via a malformed header type. | |||||
| CVE-2001-1029 | 2 Freebsd, Openbsd | 2 Freebsd, Openssh | 2025-04-03 | 2.1 LOW | N/A |
| libutil in OpenSSH on FreeBSD 4.4 and earlier does not drop privileges before verifying the capabilities for reading the copyright and welcome files, which allows local users to bypass the capabilities checks and read arbitrary files by specifying alternate copyright or welcome files. | |||||
| CVE-1999-0483 | 1 Openbsd | 1 Openbsd | 2025-04-03 | 2.1 LOW | N/A |
| OpenBSD crash using nlink value in FFS and EXT2FS filesystems. | |||||
| CVE-2004-0220 | 1 Openbsd | 1 Openbsd | 2025-04-03 | 10.0 HIGH | N/A |
| isakmpd in OpenBSD 3.4 and earlier allows remote attackers to cause a denial of service via an ISAKMP packet with a malformed Cert Request payload, which causes an integer underflow that is used in a malloc operation that is not properly handled, as demonstrated by the Striker ISAKMP Protocol Test Suite. | |||||
| CVE-2000-0309 | 1 Openbsd | 1 Openbsd | 2025-04-03 | 2.1 LOW | N/A |
| The i386 trace-trap handling in OpenBSD 2.4 with DDB enabled allows a local user to cause a denial of service. | |||||
| CVE-2000-0092 | 3 Freebsd, Netbsd, Openbsd | 3 Freebsd, Netbsd, Openbsd | 2025-04-03 | 6.2 MEDIUM | N/A |
| The BSD make program allows local users to modify files via a symlink attack when the -j option is being used. | |||||
| CVE-2001-0284 | 1 Openbsd | 1 Openbsd | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in IPSEC authentication mechanism for OpenBSD 2.8 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a malformed Authentication header (AH) IPv4 option. | |||||
| CVE-2004-0222 | 1 Openbsd | 1 Openbsd | 2025-04-03 | 5.0 MEDIUM | N/A |
| Multiple memory leaks in isakmpd in OpenBSD 3.4 and earlier allow remote attackers to cause a denial of service (memory exhaustion) via certain ISAKMP packets, as demonstrated by the Striker ISAKMP Protocol Test Suite. | |||||
| CVE-1999-0303 | 4 Digital, Netbsd, Openbsd and 1 more | 5 Osf 1, Netbsd, Openbsd and 2 more | 2025-04-03 | 4.6 MEDIUM | N/A |
| Buffer overflow in BNU UUCP daemon (uucpd) through long hostnames. | |||||
| CVE-2002-2280 | 1 Openbsd | 1 Openbsd | 2025-04-03 | 2.1 LOW | N/A |
| syslogd on OpenBSD 2.9 through 3.2 does not change the source IP address of syslog packets when the machine's IP addressed is changed without rebooting, e.g. via ifconfig, which can cause incorrect information to be sent to the syslog server. | |||||
| CVE-2001-0378 | 1 Openbsd | 1 Openbsd | 2025-04-03 | 2.1 LOW | N/A |
| readline prior to 4.1, in OpenBSD 2.8 and earlier, creates history files with insecure permissions, which allows a local attacker to recover potentially sensitive information via readline history files. | |||||
| CVE-2003-0466 | 7 Apple, Freebsd, Netbsd and 4 more | 8 Mac Os X, Mac Os X Server, Freebsd and 5 more | 2025-04-03 | 10.0 HIGH | 9.8 CRITICAL |
| Off-by-one error in the fb_realpath() function, as derived from the realpath function in BSD, may allow attackers to execute arbitrary code, as demonstrated in wu-ftpd 2.5.0 through 2.6.2 via commands that cause pathnames of length MAXPATHLEN+1 to trigger a buffer overflow, including (1) STOR, (2) RETR, (3) APPE, (4) DELE, (5) MKD, (6) RMD, (7) STOU, or (8) RNTO. | |||||
| CVE-2001-0268 | 2 Netbsd, Openbsd | 2 Netbsd, Openbsd | 2025-04-03 | 7.2 HIGH | N/A |
| The i386_set_ldt system call in NetBSD 1.5 and earlier, and OpenBSD 2.8 and earlier, when the USER_LDT kernel option is enabled, does not validate a call gate target, which allows local users to gain root privileges by creating a segment call gate in the Local Descriptor Table (LDT) with a target that specifies an arbitrary kernel address. | |||||