Total
193 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2002-0514 | 1 Openbsd | 1 Openbsd | 2024-02-28 | 5.0 MEDIUM | N/A |
PF in OpenBSD 3.0 with the return-rst rule sets the TTL to 128 in the RST packet, which allows remote attackers to determine if a port is being filtered because the TTL is different than the default TTL. | |||||
CVE-2001-0378 | 1 Openbsd | 1 Openbsd | 2024-02-28 | 2.1 LOW | N/A |
readline prior to 4.1, in OpenBSD 2.8 and earlier, creates history files with insecure permissions, which allows a local attacker to recover potentially sensitive information via readline history files. | |||||
CVE-2004-0221 | 1 Openbsd | 1 Openbsd | 2024-02-28 | 5.0 MEDIUM | N/A |
isakmpd in OpenBSD 3.4 and earlier allows remote attackers to cause a denial of service (crash) via an ISAKMP packet with a delete payload containing a large number of SPIs, which triggers an out-of-bounds read error, as demonstrated by the Striker ISAKMP Protocol Test Suite. | |||||
CVE-2000-1208 | 4 Immunix, Netbsd, Openbsd and 1 more | 4 Immunix, Netbsd, Openbsd and 1 more | 2024-02-28 | 7.2 HIGH | N/A |
Format string vulnerability in startprinting() function of printjob.c in BSD-based lpr lpd package may allow local users to gain privileges via an improper syslog call that uses format strings from the checkremote() call. | |||||
CVE-2002-0414 | 3 Freebsd, Netbsd, Openbsd | 3 Freebsd, Netbsd, Openbsd | 2024-02-28 | 7.5 HIGH | N/A |
KAME-derived implementations of IPsec on NetBSD 1.5.2, FreeBSD 4.5, and other operating systems, does not properly consult the Security Policy Database (SPD), which could cause a Security Gateway (SG) that does not use Encapsulating Security Payload (ESP) to forward forged IPv4 packets. | |||||
CVE-2004-0106 | 2 Openbsd, Xfree86 Project | 2 Openbsd, X11r6 | 2024-02-28 | 7.2 HIGH | N/A |
Multiple unknown vulnerabilities in XFree86 4.1.0 to 4.3.0, related to improper handling of font files, a different set of vulnerabilities than CVE-2004-0083 and CVE-2004-0084. | |||||
CVE-2004-0819 | 1 Openbsd | 1 Openbsd | 2024-02-28 | 5.0 MEDIUM | N/A |
The bridge functionality in OpenBSD 3.4 and 3.5, when running a gateway configured as a bridging firewall with the link2 option for IPSec enabled, allows remote attackers to cause a denial of service (crash) via an ICMP echo (ping) packet. | |||||
CVE-2002-0557 | 1 Openbsd | 1 Openbsd | 2024-02-28 | 7.5 HIGH | N/A |
Vulnerability in OpenBSD 3.0, when using YP with netgroups in the password database, causes (1) rexec or (2) rsh to run another user's shell, or (3) atrun to change to a different user's directory, possibly due to memory allocation failures or an incorrect call to auth_approval(). | |||||
CVE-1999-0482 | 1 Openbsd | 1 Openbsd | 2024-02-28 | 5.0 MEDIUM | N/A |
OpenBSD kernel crash through TSS handling, as caused by the crashme program. | |||||
CVE-2002-0701 | 2 Freebsd, Openbsd | 2 Freebsd, Openbsd | 2024-02-28 | 2.1 LOW | N/A |
ktrace in BSD-based operating systems allows the owner of a process with special privileges to trace the process after its privileges have been lowered, which may allow the owner to obtain sensitive information that the process obtained while it was running with the extra privileges. | |||||
CVE-2001-1244 | 7 Freebsd, Hp, Linux and 4 more | 9 Freebsd, Hp-ux, Vvos and 6 more | 2024-02-28 | 5.0 MEDIUM | N/A |
Multiple TCP implementations could allow remote attackers to cause a denial of service (bandwidth and CPU exhaustion) by setting the maximum segment size (MSS) to a very small number and requesting large amounts of data, which generates more packets with less TCP-level data that amplify network traffic and consume more server CPU to process. | |||||
CVE-2000-0994 | 1 Openbsd | 1 Openbsd | 2024-02-28 | 7.2 HIGH | N/A |
Format string vulnerability in OpenBSD fstat program (and possibly other BSD-based operating systems) allows local users to gain root privileges via the PWD environmental variable. | |||||
CVE-2001-0402 | 3 Darren Reed, Freebsd, Openbsd | 3 Ipfilter, Freebsd, Openbsd | 2024-02-28 | 7.5 HIGH | N/A |
IPFilter 3.4.16 and earlier does not include sufficient session information in its cache, which allows remote attackers to bypass access restrictions by sending fragmented packets to a restricted port after sending unfragmented packets to an unrestricted port. | |||||
CVE-2002-1915 | 3 Freebsd, Netbsd, Openbsd | 3 Freebsd, Netbsd, Openbsd | 2024-02-28 | 2.1 LOW | 5.5 MEDIUM |
tip on multiple BSD-based operating systems allows local users to cause a denial of service (execution prevention) by using flock() to lock the /var/log/acculog file. | |||||
CVE-2000-0962 | 1 Openbsd | 1 Openbsd | 2024-02-28 | 5.0 MEDIUM | N/A |
The IPSEC implementation in OpenBSD 2.7 does not properly handle empty AH/ESP packets, which allows remote attackers to cause a denial of service. | |||||
CVE-1999-0484 | 1 Openbsd | 1 Openbsd | 2024-02-28 | 2.1 LOW | N/A |
Buffer overflow in OpenBSD ping. | |||||
CVE-2000-0751 | 3 Netbsd, Openbsd, Redhat | 3 Netbsd, Openbsd, Linux | 2024-02-28 | 7.5 HIGH | N/A |
mopd (Maintenance Operations Protocol loader daemon) does not properly cleanse user-injected format strings, which allows remote attackers to execute arbitrary commands. | |||||
CVE-2002-0572 | 3 Freebsd, Openbsd, Sun | 4 Freebsd, Openbsd, Solaris and 1 more | 2024-02-28 | 7.2 HIGH | N/A |
FreeBSD 4.5 and earlier, and possibly other BSD-based operating systems, allows local users to write to or read from restricted files by closing the file descriptors 0 (standard input), 1 (standard output), or 2 (standard error), which may then be reused by a called setuid process that intended to perform I/O on normal files. | |||||
CVE-2003-0466 | 7 Apple, Freebsd, Netbsd and 4 more | 8 Mac Os X, Mac Os X Server, Freebsd and 5 more | 2024-02-28 | 10.0 HIGH | 9.8 CRITICAL |
Off-by-one error in the fb_realpath() function, as derived from the realpath function in BSD, may allow attackers to execute arbitrary code, as demonstrated in wu-ftpd 2.5.0 through 2.6.2 via commands that cause pathnames of length MAXPATHLEN+1 to trigger a buffer overflow, including (1) STOR, (2) RETR, (3) APPE, (4) DELE, (5) MKD, (6) RMD, (7) STOU, or (8) RNTO. | |||||
CVE-2004-0222 | 1 Openbsd | 1 Openbsd | 2024-02-28 | 5.0 MEDIUM | N/A |
Multiple memory leaks in isakmpd in OpenBSD 3.4 and earlier allow remote attackers to cause a denial of service (memory exhaustion) via certain ISAKMP packets, as demonstrated by the Striker ISAKMP Protocol Test Suite. |