Filtered by vendor Openbsd
Subscribe
Total
320 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2000-0995 | 1 Openbsd | 1 Openbsd | 2024-11-20 | 7.2 HIGH | N/A |
Format string vulnerability in OpenBSD yp_passwd program (and possibly other BSD-based operating systems) allows attackers to gain root privileges a malformed name. | |||||
CVE-2000-0994 | 1 Openbsd | 1 Openbsd | 2024-11-20 | 7.2 HIGH | N/A |
Format string vulnerability in OpenBSD fstat program (and possibly other BSD-based operating systems) allows local users to gain root privileges via the PWD environmental variable. | |||||
CVE-2000-0993 | 3 Freebsd, Netbsd, Openbsd | 3 Freebsd, Netbsd, Openbsd | 2024-11-20 | 7.2 HIGH | N/A |
Format string vulnerability in pw_error function in BSD libutil library allows local users to gain root privileges via a malformed password in commands such as chpass or passwd. | |||||
CVE-2000-0992 | 2 Openbsd, Ssh | 2 Openssh, Ssh | 2024-11-20 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in scp in sshd 1.2.xx allows a remote malicious scp server to overwrite arbitrary files via a .. (dot dot) attack. | |||||
CVE-2000-0962 | 1 Openbsd | 1 Openbsd | 2024-11-20 | 5.0 MEDIUM | N/A |
The IPSEC implementation in OpenBSD 2.7 does not properly handle empty AH/ESP packets, which allows remote attackers to cause a denial of service. | |||||
CVE-2000-0914 | 1 Openbsd | 1 Openbsd | 2024-11-20 | 5.0 MEDIUM | N/A |
OpenBSD 2.6 and earlier allows remote attackers to cause a denial of service by flooding the server with ARP requests. | |||||
CVE-2000-0751 | 3 Netbsd, Openbsd, Redhat | 3 Netbsd, Openbsd, Linux | 2024-11-20 | 7.5 HIGH | N/A |
mopd (Maintenance Operations Protocol loader daemon) does not properly cleanse user-injected format strings, which allows remote attackers to execute arbitrary commands. | |||||
CVE-2000-0750 | 3 Netbsd, Openbsd, Redhat | 3 Netbsd, Openbsd, Linux | 2024-11-20 | 7.5 HIGH | N/A |
Buffer overflow in mopd (Maintenance Operations Protocol loader daemon) allows remote attackers to execute arbitrary commands via a long file name. | |||||
CVE-2000-0574 | 2 Openbsd, Washington University | 2 Ftpd, Wu-ftpd | 2024-11-20 | 5.0 MEDIUM | N/A |
FTP servers such as OpenBSD ftpd, NetBSD ftpd, ProFTPd and Opieftpd do not properly cleanse untrusted format strings that are used in the setproctitle function (sometimes called by set_proc_title), which allows remote attackers to cause a denial of service or execute arbitrary commands. | |||||
CVE-2000-0525 | 1 Openbsd | 1 Openssh | 2024-11-20 | 10.0 HIGH | N/A |
OpenSSH does not properly drop privileges when the UseLogin option is enabled, which allows local users to execute arbitrary commands by providing the command to the ssh daemon. | |||||
CVE-2000-0489 | 3 Freebsd, Netbsd, Openbsd | 3 Freebsd, Netbsd, Openbsd | 2024-11-20 | 2.1 LOW | N/A |
FreeBSD, NetBSD, and OpenBSD allow an attacker to cause a denial of service by creating a large number of socket pairs using the socketpair function, setting a large buffer size via setsockopt, then writing large buffers. | |||||
CVE-2000-0313 | 1 Openbsd | 1 Openbsd | 2024-11-20 | 4.6 MEDIUM | N/A |
Vulnerability in OpenBSD 2.6 allows a local user to change interface media configurations. | |||||
CVE-2000-0312 | 1 Openbsd | 1 Openbsd | 2024-11-20 | 7.2 HIGH | N/A |
cron in OpenBSD 2.5 allows local users to gain root privileges via an argv[] that is not NULL terminated, which is passed to cron's fake popen function. | |||||
CVE-2000-0310 | 1 Openbsd | 1 Openbsd | 2024-11-20 | 5.0 MEDIUM | N/A |
IP fragment assembly in OpenBSD 2.4 allows a remote attacker to cause a denial of service by sending a large number of fragmented packets. | |||||
CVE-2000-0309 | 1 Openbsd | 1 Openbsd | 2024-11-20 | 2.1 LOW | N/A |
The i386 trace-trap handling in OpenBSD 2.4 with DDB enabled allows a local user to cause a denial of service. | |||||
CVE-2000-0217 | 2 Openbsd, Ssh | 3 Openssh, Ssh, Ssh2 | 2024-11-20 | 5.1 MEDIUM | N/A |
The default configuration of SSH allows X forwarding, which could allow a remote attacker to control a client's X sessions via a malicious xauth program. | |||||
CVE-2000-0143 | 2 Openbsd, Ssh | 2 Openssh, Ssh | 2024-11-20 | 4.6 MEDIUM | N/A |
The SSH protocol server sshd allows local users without shell access to redirect a TCP connection through a service that uses the standard system password database for authentication, such as POP or FTP. | |||||
CVE-2000-0092 | 3 Freebsd, Netbsd, Openbsd | 3 Freebsd, Netbsd, Openbsd | 2024-11-20 | 6.2 MEDIUM | N/A |
The BSD make program allows local users to modify files via a symlink attack when the -j option is being used. | |||||
CVE-1999-1225 | 5 Digital, Linux, Netbsd and 2 more | 5 Ultrix, Linux Kernel, Netbsd and 2 more | 2024-11-20 | 5.0 MEDIUM | N/A |
rpc.mountd on Linux, Ultrix, and possibly other operating systems, allows remote attackers to determine the existence of a file on the server by attempting to mount that file, which generates different error messages depending on whether the file exists or not. | |||||
CVE-1999-1214 | 5 Bsd, Freebsd, Netbsd and 2 more | 5 Bsd, Freebsd, Netbsd and 2 more | 2024-11-20 | 2.1 LOW | N/A |
The asynchronous I/O facility in 4.4 BSD kernel does not check user credentials when setting the recipient of I/O notification, which allows local users to cause a denial of service by using certain ioctl and fcntl calls to cause the signal to be sent to an arbitrary process ID. |