Vulnerabilities (CVE)

Filtered by vendor Openbsd Subscribe
Total 320 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2000-0995 1 Openbsd 1 Openbsd 2024-11-20 7.2 HIGH N/A
Format string vulnerability in OpenBSD yp_passwd program (and possibly other BSD-based operating systems) allows attackers to gain root privileges a malformed name.
CVE-2000-0994 1 Openbsd 1 Openbsd 2024-11-20 7.2 HIGH N/A
Format string vulnerability in OpenBSD fstat program (and possibly other BSD-based operating systems) allows local users to gain root privileges via the PWD environmental variable.
CVE-2000-0993 3 Freebsd, Netbsd, Openbsd 3 Freebsd, Netbsd, Openbsd 2024-11-20 7.2 HIGH N/A
Format string vulnerability in pw_error function in BSD libutil library allows local users to gain root privileges via a malformed password in commands such as chpass or passwd.
CVE-2000-0992 2 Openbsd, Ssh 2 Openssh, Ssh 2024-11-20 5.0 MEDIUM N/A
Directory traversal vulnerability in scp in sshd 1.2.xx allows a remote malicious scp server to overwrite arbitrary files via a .. (dot dot) attack.
CVE-2000-0962 1 Openbsd 1 Openbsd 2024-11-20 5.0 MEDIUM N/A
The IPSEC implementation in OpenBSD 2.7 does not properly handle empty AH/ESP packets, which allows remote attackers to cause a denial of service.
CVE-2000-0914 1 Openbsd 1 Openbsd 2024-11-20 5.0 MEDIUM N/A
OpenBSD 2.6 and earlier allows remote attackers to cause a denial of service by flooding the server with ARP requests.
CVE-2000-0751 3 Netbsd, Openbsd, Redhat 3 Netbsd, Openbsd, Linux 2024-11-20 7.5 HIGH N/A
mopd (Maintenance Operations Protocol loader daemon) does not properly cleanse user-injected format strings, which allows remote attackers to execute arbitrary commands.
CVE-2000-0750 3 Netbsd, Openbsd, Redhat 3 Netbsd, Openbsd, Linux 2024-11-20 7.5 HIGH N/A
Buffer overflow in mopd (Maintenance Operations Protocol loader daemon) allows remote attackers to execute arbitrary commands via a long file name.
CVE-2000-0574 2 Openbsd, Washington University 2 Ftpd, Wu-ftpd 2024-11-20 5.0 MEDIUM N/A
FTP servers such as OpenBSD ftpd, NetBSD ftpd, ProFTPd and Opieftpd do not properly cleanse untrusted format strings that are used in the setproctitle function (sometimes called by set_proc_title), which allows remote attackers to cause a denial of service or execute arbitrary commands.
CVE-2000-0525 1 Openbsd 1 Openssh 2024-11-20 10.0 HIGH N/A
OpenSSH does not properly drop privileges when the UseLogin option is enabled, which allows local users to execute arbitrary commands by providing the command to the ssh daemon.
CVE-2000-0489 3 Freebsd, Netbsd, Openbsd 3 Freebsd, Netbsd, Openbsd 2024-11-20 2.1 LOW N/A
FreeBSD, NetBSD, and OpenBSD allow an attacker to cause a denial of service by creating a large number of socket pairs using the socketpair function, setting a large buffer size via setsockopt, then writing large buffers.
CVE-2000-0313 1 Openbsd 1 Openbsd 2024-11-20 4.6 MEDIUM N/A
Vulnerability in OpenBSD 2.6 allows a local user to change interface media configurations.
CVE-2000-0312 1 Openbsd 1 Openbsd 2024-11-20 7.2 HIGH N/A
cron in OpenBSD 2.5 allows local users to gain root privileges via an argv[] that is not NULL terminated, which is passed to cron's fake popen function.
CVE-2000-0310 1 Openbsd 1 Openbsd 2024-11-20 5.0 MEDIUM N/A
IP fragment assembly in OpenBSD 2.4 allows a remote attacker to cause a denial of service by sending a large number of fragmented packets.
CVE-2000-0309 1 Openbsd 1 Openbsd 2024-11-20 2.1 LOW N/A
The i386 trace-trap handling in OpenBSD 2.4 with DDB enabled allows a local user to cause a denial of service.
CVE-2000-0217 2 Openbsd, Ssh 3 Openssh, Ssh, Ssh2 2024-11-20 5.1 MEDIUM N/A
The default configuration of SSH allows X forwarding, which could allow a remote attacker to control a client's X sessions via a malicious xauth program.
CVE-2000-0143 2 Openbsd, Ssh 2 Openssh, Ssh 2024-11-20 4.6 MEDIUM N/A
The SSH protocol server sshd allows local users without shell access to redirect a TCP connection through a service that uses the standard system password database for authentication, such as POP or FTP.
CVE-2000-0092 3 Freebsd, Netbsd, Openbsd 3 Freebsd, Netbsd, Openbsd 2024-11-20 6.2 MEDIUM N/A
The BSD make program allows local users to modify files via a symlink attack when the -j option is being used.
CVE-1999-1225 5 Digital, Linux, Netbsd and 2 more 5 Ultrix, Linux Kernel, Netbsd and 2 more 2024-11-20 5.0 MEDIUM N/A
rpc.mountd on Linux, Ultrix, and possibly other operating systems, allows remote attackers to determine the existence of a file on the server by attempting to mount that file, which generates different error messages depending on whether the file exists or not.
CVE-1999-1214 5 Bsd, Freebsd, Netbsd and 2 more 5 Bsd, Freebsd, Netbsd and 2 more 2024-11-20 2.1 LOW N/A
The asynchronous I/O facility in 4.4 BSD kernel does not check user credentials when setting the recipient of I/O notification, which allows local users to cause a denial of service by using certain ioctl and fcntl calls to cause the signal to be sent to an arbitrary process ID.