Filtered by vendor Openbsd
Subscriptions
Filtered by product Openbsd
Subscriptions
Total
195 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2000-0751 | 3 Netbsd, Openbsd, Redhat | 3 Netbsd, Openbsd, Linux | 2024-08-08 | N/A |
mopd (Maintenance Operations Protocol loader daemon) does not properly cleanse user-injected format strings, which allows remote attackers to execute arbitrary commands. | ||||
CVE-2000-0489 | 3 Freebsd, Netbsd, Openbsd | 3 Freebsd, Netbsd, Openbsd | 2024-08-08 | N/A |
FreeBSD, NetBSD, and OpenBSD allow an attacker to cause a denial of service by creating a large number of socket pairs using the socketpair function, setting a large buffer size via setsockopt, then writing large buffers. | ||||
CVE-2000-0313 | 1 Openbsd | 1 Openbsd | 2024-08-08 | N/A |
Vulnerability in OpenBSD 2.6 allows a local user to change interface media configurations. | ||||
CVE-2000-0309 | 1 Openbsd | 1 Openbsd | 2024-08-08 | N/A |
The i386 trace-trap handling in OpenBSD 2.4 with DDB enabled allows a local user to cause a denial of service. | ||||
CVE-2000-0312 | 1 Openbsd | 1 Openbsd | 2024-08-08 | N/A |
cron in OpenBSD 2.5 allows local users to gain root privileges via an argv[] that is not NULL terminated, which is passed to cron's fake popen function. | ||||
CVE-2000-0310 | 1 Openbsd | 1 Openbsd | 2024-08-08 | N/A |
IP fragment assembly in OpenBSD 2.4 allows a remote attacker to cause a denial of service by sending a large number of fragmented packets. | ||||
CVE-2000-0092 | 3 Freebsd, Netbsd, Openbsd | 3 Freebsd, Netbsd, Openbsd | 2024-08-08 | N/A |
The BSD make program allows local users to modify files via a symlink attack when the -j option is being used. | ||||
CVE-2001-1415 | 1 Openbsd | 1 Openbsd | 2024-08-08 | N/A |
vi.recover in OpenBSD before 3.1 allows local users to remove arbitrary zero-byte files such as device nodes. | ||||
CVE-2001-1244 | 7 Freebsd, Hp, Linux and 4 more | 9 Freebsd, Hp-ux, Vvos and 6 more | 2024-08-08 | N/A |
Multiple TCP implementations could allow remote attackers to cause a denial of service (bandwidth and CPU exhaustion) by setting the maximum segment size (MSS) to a very small number and requesting large amounts of data, which generates more packets with less TCP-level data that amplify network traffic and consume more server CPU to process. | ||||
CVE-2001-1145 | 3 Freebsd, Netbsd, Openbsd | 3 Freebsd, Netbsd, Openbsd | 2024-08-08 | N/A |
fts routines in FreeBSD 4.3 and earlier, NetBSD before 1.5.2, and OpenBSD 2.9 and earlier can be forced to change (chdir) into a different directory than intended when the directory above the current directory is moved, which could cause scripts to perform dangerous actions on the wrong directories. | ||||
CVE-2001-1047 | 1 Openbsd | 1 Openbsd | 2024-08-08 | N/A |
Race condition in OpenBSD VFS allows local users to cause a denial of service (kernel panic) by (1) creating a pipe in one thread and causing another thread to set one of the file descriptors to NULL via a close, or (2) calling dup2 on a file descriptor in one process, then setting the descriptor to NULL via a close in another process that is created via rfork. | ||||
CVE-2001-0670 | 5 Bsd, Freebsd, Netbsd and 2 more | 5 Bsd, Freebsd, Netbsd and 2 more | 2024-08-08 | N/A |
Buffer overflow in BSD line printer daemon (in.lpd or lpd) in various BSD-based operating systems allows remote attackers to execute arbitrary code via an incomplete print job followed by a request to display the printer queue. | ||||
CVE-2001-0554 | 10 Debian, Freebsd, Ibm and 7 more | 12 Debian Linux, Freebsd, Aix and 9 more | 2024-08-08 | N/A |
Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function. | ||||
CVE-2001-0402 | 3 Darren Reed, Freebsd, Openbsd | 3 Ipfilter, Freebsd, Openbsd | 2024-08-08 | N/A |
IPFilter 3.4.16 and earlier does not include sufficient session information in its cache, which allows remote attackers to bypass access restrictions by sending fragmented packets to a restricted port after sending unfragmented packets to an unrestricted port. | ||||
CVE-2001-0378 | 1 Openbsd | 1 Openbsd | 2024-08-08 | N/A |
readline prior to 4.1, in OpenBSD 2.8 and earlier, creates history files with insecure permissions, which allows a local attacker to recover potentially sensitive information via readline history files. | ||||
CVE-2001-0284 | 1 Openbsd | 1 Openbsd | 2024-08-08 | N/A |
Buffer overflow in IPSEC authentication mechanism for OpenBSD 2.8 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a malformed Authentication header (AH) IPv4 option. | ||||
CVE-2001-0268 | 2 Netbsd, Openbsd | 2 Netbsd, Openbsd | 2024-08-08 | N/A |
The i386_set_ldt system call in NetBSD 1.5 and earlier, and OpenBSD 2.8 and earlier, when the USER_LDT kernel option is enabled, does not validate a call gate target, which allows local users to gain root privileges by creating a segment call gate in the Local Descriptor Table (LDT) with a target that specifies an arbitrary kernel address. | ||||
CVE-2001-0247 | 5 Freebsd, Mit, Netbsd and 2 more | 5 Freebsd, Kerberos 5, Netbsd and 2 more | 2024-08-08 | N/A |
Buffer overflows in BSD-based FTP servers allows remote attackers to execute arbitrary commands via a long pattern string containing a {} sequence, as seen in (1) g_opendir, (2) g_lstat, (3) g_stat, and (4) the glob0 buffer as used in the glob functions glob2 and glob3. | ||||
CVE-2001-0053 | 3 David Madore, Netbsd, Openbsd | 3 Ftpd-bsd, Netbsd, Openbsd | 2024-08-08 | N/A |
One-byte buffer overflow in replydirname function in BSD-based ftpd allows remote attackers to gain root privileges. | ||||
CVE-2002-2280 | 1 Openbsd | 1 Openbsd | 2024-08-08 | N/A |
syslogd on OpenBSD 2.9 through 3.2 does not change the source IP address of syslog packets when the machine's IP addressed is changed without rebooting, e.g. via ifconfig, which can cause incorrect information to be sent to the syslog server. |